lockbit2 attacks Thales

Incident Date: Jan 03, 2022

Attack Overview
VICTIM
Thales
INDUSTRY
Manufacturing
LOCATION
Sweden
ATTACKER
Lockbit
FIRST REPORTED
January 3, 2022

Thales, a Global Leader in Cybersecurity, Suffers Ransomware Attack

Thales, a global leader in advanced technologies, has been targeted by the ransomware group Lockbit2, according to a leak on the group's dark web site. The company, which operates in the manufacturing sector, has a significant presence in the defense, aerospace, and security industries. Thales has been identified as a leader in cybersecurity and data protection, offering a range of cybersecurity solutions to protect businesses from various threats, including ransomware.

Company Overview

Thales is a global leader in advanced technologies, with a presence in three domains: Defense & Security, Aeronautics & Space, and Digital Identity & Security. The company invests close to €4 billion a year in Research & Development, particularly in key areas such as quantum technologies, Edge computing, 6G, and cybersecurity. Thales has 77,000 employees worldwide and generated sales of €17.6 billion in 2022.

Vulnerabilities and Mitigation

Despite Thales's expertise in cybersecurity, the company has not been immune to ransomware attacks. In 2024, the Thales Data Threat Report revealed a 27% increase in ransomware attacks, with 8% of organizations paying the ransom. The report also highlighted human error as the leading cause of data breaches, with 31% of enterprises pinpointing this as the root cause.

To mitigate ransomware attacks, Thales offers CipherTrust Transparent Encryption Ransomware Protection, which blocks untrusted or rogue binaries from accessing data and protects it by encrypting it. The company also emphasizes the importance of multifaceted ransomware defense, including XDR applications, data encryption, user access policies, key management, and MFA.

Impact and Response

The ransomware attack on Thales is a reminder that no organization is immune to cyber threats, even those with robust cybersecurity capabilities. The company has not released a public statement regarding the attack, and it is unclear whether the ransom was paid or if the data was recovered.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.