LockBit ransomware group attacks Indian pharmaceutical giant

LockBit, the Russian-linked ransomware group, has claimed responsibility for a ransomware attack on Indian pharmaceutical giant Granules India, publishing part of the data it stole.

The company Granules India was included in the list published on the dark web by LockBit as a victim of its ransomware attack.

The pharmaceutical giant has not yet confirmed the ransomware attack, however last month it disclosed to Indian stock exchanges about a cybersecurity incident, “The company is investigating the matter with the utmost priority. Containment and remedial actions were undertaken in a controlled manner to address the incident.”

Granules India was founded in 1984 and is one of the largest Indian pharmaceutical manufacturers, the company produces many off-patent drugs such as paracetamol, metformin and ibuprofen.

Lockbit has so far been deemed the most widespread ransomware variant in the world according to a joint statement between the US federal cybersecurity agency CISA and counterparts in Australia, Canada, France, Germany, New Zealand and the United Kingdom. The ransomware group was first identified in January 2020 on Russian-language cybercrime forums and has extorted approximately $91 million in total through its 1,700 attacks worldwide.

In recent months, members of the LockBit group have claimed responsibility for several attacks on major technology companies, including the British postal service Royal Mail, the technology manufacturer Foxconn , and the finance department of the state of California.

Meanwhile, the US Department of Justice has arrested and charged a Russian citizen, Ruslan Magomedovich Astamirov, with carrying out at least 5 ransomware attacks between August 2020 and last March as an affiliate of the LockBit ransomware. Astamirov is the third person accused of being part of the LockBit ransomware group and is the second to be arrested.

CISA for the US and its international counterparts have recommended installing up-to-date antivirus software (including Endpoint Security applications such as Machine Learning Intrusion Detection Systems ), installing browser sandboxing, installing web application firewalls, multi-factor authentication e