Harmful hackers claim to have hacked the network system of the Foxconn Baja factory in Mexico on June 11. Using Lockbeat 2.0 ransomware to manage cyber-attacks, hackers threaten to release stolen files if the company does not pay a ransom.
The factory specializes in manufacturing, consumer electronics, medical devices and industrial activities. Located in Tijuana, Mexico, near the California border, the facility is an electronics manufacturing giant that employs 5,000 people.
Unfortunately, this is not the first time that the company has faced such an attack. In December 2020, Doppelmer’s extortionist gang uncovered documents stolen from some of its databases in the United States. The Ransomware gang demanded $ 34 million in bitcoin as ransom.
SecurityTwick has tried to contact the electronics manufacturer but has not yet received a response. However, unconfirmed reports indicate that the impact of the latest ransomware attack on Foxconn’s operational technology system is still unknown.
How to recognize a ransomware attack
Recently, such attacks have become more frequent as some companies, such as the Foxconn Baja factory, have been repeatedly exposed to ransomware attacks. The Lockbeat 2.0 attackers claimed to have acquired the files from a tire and rubber company, Bridgestone Americas.
In February, the FBI signaled a compromise for the Lockbit 2.0 attack to address this growing threat, saying that ransomware operators often target the company’s networks. The purpose of the IOC is to enable all companies to identify potential ransomware attacks in a timely manner and to seal all vulnerabilities that create opportunities for exploiters to exploit.
Based on a variety of strategies and protocols, LockBit 2.0 is commonly referred to as a RaaS, thus complicating the detection and mitigation process. Ransomware operators either pay for access or gain access to corporate network systems by using encrypted errors, zero-day breaches, or internal access.
Privileges are enhanced using publicly available tools like Mimikatz once in a network. Data is extracted using an off-the-shelf and custom program to enable LockBit ransomware to encrypt victim files.
The attackers left a ransom letter in the compromised directory to inform the victim about how to get a decryption tool. Victims often threaten to leak stolen information online if they fail to pay the ransom demanded.
How to prevent ransomware attacks
Unfortunately, many businesses do not take this issue seriously. After a serious ransomware attack hits them, they spend the time and money needed to strengthen their cyber security defenses.
Since prevention is better than cure, it is important not to wait until it is too late to take precautionary measures. Here are 6 preventative measures that companies can take to keep hackers away
- Employees will need to go through frequent cyber security awareness programs to keep them up to date on the latest cyber risks and how to identify early-stage attacks.
- Authorization to install or run systems and applications should be restricted to users. The potential for malware to increase in a network may be limited.
- Antivirus software should be active on all devices and update software regularly to make sure fixes are implemented.
- To detect attacks, scan all emails and conduct regular data backups.
- To reduce the risk of intrusion, use proper security practices such as never browsing links and downloading files from unknown sources.
- Configure the firewall to prevent malicious IP addresses from gaining access. For additional account security, use strong passwords and enable multi-factor authentication.
Final comment
Hackers have changed their tactics and are now focusing their efforts on companies with significantly better returns on investment rather than targeting individuals, as evidenced by repeated ransomware attacks at the Foxconn factory.
Therefore, all organizations need to be vigilant and reduce the risk of ransomware by strengthening their overall cyber defense. They can complement their current cybersecurity defense by identifying these threats immediately and responding appropriately to avoid being victimized.
