Accenture reports that it has suffered a data theft, but of a limited extent, after an announcement of the criminals who carried out the attack. This is the Lockbit gang, Russian and already guilty of the attacks on Italian companies in recent days (Erg, Salini, among others).
The criminals last night posted an ultimatum on their dark web site claiming to have stolen the data of the consulting multinational. With a ransom, of an undisclosed amount: but they ask Accenture to contact them, “to buy the data”. The implicit threat is that they would otherwise sell or publish this data.
The ultimatum would expire today, “but usually these criminals do not respect the deadlines,” says Alberto Pelliccione, of Reaqta.
“Attack of limited magnitude, we immediately isolated the affected areas,” says Accenture.
“It means they found where they entered and isolated the area, so the criminals can’t steal any more data,” explains Paolo dal Checco, computer forensic. “Remarkable that the criminals gave such a short-lived ultimatum; it is very unusual and would confirm that they have only managed to steal a few data. They give the company little time to push it to pay before it notices the low relevance of the data, ”he adds.
“However potentially data theft from a large consulting firm with thousands of customers is concerning,” he adds. “Because there may be customer information in that stolen data. Maybe passwords with which to enter their networks to steal even more data, “he explains.
Loading…
A bit like what happened in Erg, where Lockbit’s criminals entered through its supplier Engineering (and here they entered through the network of one of its customers, vulnerable to attack) .Accenture is a company that also advises on cybersecurity and has always opposed the payment of ransoms; reason why Lockbit targeted her: to question her reliability, thus hitting her in reputation. This is what we read in the same announcement by the criminals, which accuses Accenture of having services lacking in terms of privacy and security.
«But an attack of this type can hit anyone, even the most protected systems – explains Dal Checco. It is always possible for a criminal to find a vulnerable computer connected to the corporate network. For example, a collaborator or consultant in smart working ». This is exactly what happened to the Lazio Region, according to official sources: by violating a computer of an employee in smartworking, in Frosinone, the criminals (the Ransomexx gang) managed to have wide access to the systems of the Region and therefore were able to block critical importance.
“Since an attack can always hit, the security of a system is now reflected in its ability to limit damage by isolating illegal entry; so that criminals have access only to data visible through the hacked computer or account. And not to others. ”It could be exactly what happened at Accenture; but it will be certain only when the criminals reveal their cards. Or your own bluff.