·Top Aces, the sole source of fighter training for the Canadian and German militaries, claimed that it had been targeted by the LockBit ransomware.

·The LockBit gang’s official website has issued a plea that if the ransom is not paid, the stolen 44GB of internal data be publicized.

·Attacks on defense-related enterprises are a problem, according to security experts, because there is “no way to know where the stolen data ends up,” which is likely to wind up in hostile nations.

·LockBit is a popular ransomware-as-a-service platform, with at least 650 firms affected this year.

Top Aces, a Canadian corporation that specializes in fighter aircraft training for the Air Force, reported a ransomware assault.

In a statement issued on Wednesday (May 11), the corporation acknowledged that it was investigating the attack.

Top Aces, situated in Montreal, is the “sole supplier of aerial conflict drills between the Canadian and German armed forces,” according to the stolen website of the LockBit ransomware group.

Top Aces, which was founded in 2000 by a group of former fighter pilots, claims to have “the world’s largest private combat aircraft fleet.”

In addition to collaborating with nations such as Canada, Germany, and Israel, the business obtained a significant deal with the United States Air Force in 2019. The deal plainly states that Top Aces is responsible for supplying training tools for protection against Russian weaponry.

Attacks against defense-related organizations are a problem, according to Brett Callow, a threat analyst at security firm Emsisoft, since “there is no way of knowing where the stolen data ends up.”

“Even if the present attack is the work of a gang of hostile for-profit hackers, there is still the possibility that they will sell or otherwise transfer data to third parties, including opposing governments,” Callow added.

“Defense industrial base companies have been targeted multiple times in recent years, and the government must find a realistic strategy to improve supply chain security.”

Callow also reported hacks on Visser Precision, a Lockheed Martin components supplier, and Westtech International, a military contractor that provides nuclear deterrent weapons such as the US Minuteman III ICBM.

The LockBit ransomware group has set a May 15 deadline for Top Aces to pay the ransom, exposing an alleged to

LockBit has become one of the most active ransomwaret

LockBit is one of the most active ransomware groups, conducting hundreds of assaults in the last year alone, and it’s becoming increasingly common. They have already assaulted at least 650 companies in 2022, according to Recorded Future figures.

The group has lately conducted two more high-profile crimes, involving a prominent German library service and Rio de Janeiro’s banking system.

The Australian Cyber Security Centre (ACSC) published an advice in August 2021, stating that the amount of LockBit ransomware attacks was increasing.

The gang has been active since September 2019, but it has stayed on the periphery until it later built a whole new platform version of LockBit 2.0 ransomware-as-a-service.

LockBit has become one of the most prevalent ransomware-as-a-service platforms today, following the downfall or withdrawal of cyber gangs such as Darkside, Avanddon, and REvil.


There are now more and more cybersecurity battles between nations. In this era, information is the most important wealth of a person and an organization. When a person loses information, there will be no privacy, and when an organization loses information, it is the beginning of its demise. To do a good job of information and data protection, the best way is to perform disaster recovery backup. And now the more convenient backup method is virtual machine backup, such as VMware Backup, Xenserver Backup, oVirt Backup and so on.