{
	"id": "84ca2e1a-2d94-4c41-9a88-294ee913041f",
	"created_at": "2026-04-06T03:36:00.282205Z",
	"updated_at": "2026-04-10T03:21:53.335209Z",
	"deleted_at": null,
	"sha1_hash": "12050358fcf31c14fc2d841abdb5f2c3fa82fa8a",
	"title": "Lockbit Ramps Up Attacks on Public Sector",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 40259,
	"plain_text": "Lockbit Ramps Up Attacks on Public Sector\r\nBy Phil Muncaster\r\nPublished: 2022-07-26 · Archived: 2026-04-06 02:52:19 UTC\r\nThe prolific Lockbit ransomware gang appears to have claimed another two scalps in recent days: the Canadian\r\ntown of St Marys and the Italian tax agency.\r\nThe local administration at St Marys explained in an update on Friday that the attack occurred last Wednesday,\r\nlocking an internal server and encrypting data on it.\r\n“Upon learning of the incident, staff took immediate steps to secure any sensitive information, including locking\r\ndown the town’s IT systems and restricting access to email. The town also notified its legal counsel, the Stratford\r\nPolice Service and the Canadian Centre for Cyber Security,” a statement read.\r\n“The town is now working with cyber incident response experts to investigate the source of the incident, restore\r\nits back up data and assess the impacts on its information, if any. These experts are also assisting staff as they\r\nwork to fully unlock and decrypt the town’s systems, a process that could take days.”\r\nCritical local services, including fire, police, transit and water/wastewater systems were apparently unaffected by\r\nthe incident, but it’s unclear if any sensitive data was stolen in the raid.\r\nThat’s not the case in Italy, where an attack by affiliates using the Lockbit ransomware reportedly resulted in the\r\ntheft of 78GB of data.\r\nHackers targeted Italian revenue agency l'Agenzia delle Entrate, so that data could theoretically contain highly\r\nsensitive personal and financial information.\r\nAccording to the local ANSA news wire, the revenue service has asked Italy’s Sogei IT agency to look into reports\r\nthat the threat actors have given it five days to pay up or else risk the files being made public.\r\nMike Varley, threat consultant at Adarma, argued that public sector organizations are often targeted because\r\nhackers believe they’re more likely to pay.\r\n\"Organizations seeking to improve their overall ransomware resilience should be proactively asking themselves,\r\n‘where are we most vulnerable to external threats?’ ‘what are we protecting?’ and ‘where are those assets\r\nhoused?,’ he added.\r\n“Security teams need to be actively hunting out control gaps and closing them by either tweaking existing\r\ncontrols, through technology acquisition, undertaking additional monitoring or by doing all three.”\r\nhttps://www.infosecurity-magazine.com/news/lockbit-ramps-up-attacks-on-public/\r\nPage 1 of 2\n\nSource: https://www.infosecurity-magazine.com/news/lockbit-ramps-up-attacks-on-public/\r\nhttps://www.infosecurity-magazine.com/news/lockbit-ramps-up-attacks-on-public/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.infosecurity-magazine.com/news/lockbit-ramps-up-attacks-on-public/"
	],
	"report_names": [
		"lockbit-ramps-up-attacks-on-public"
	],
	"threat_actors": [],
	"ts_created_at": 1775446560,
	"ts_updated_at": 1775791313,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/12050358fcf31c14fc2d841abdb5f2c3fa82fa8a.pdf",
		"text": "https://archive.orkl.eu/12050358fcf31c14fc2d841abdb5f2c3fa82fa8a.txt",
		"img": "https://archive.orkl.eu/12050358fcf31c14fc2d841abdb5f2c3fa82fa8a.jpg"
	}
}