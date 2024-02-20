Lockbit is out of business but ransomware isn’t – Netwrix comments

February 2024 by Dirk Schrader, Resident CISO (EMEA) and VP of Security Research chez Netwrix

Today, the National Crime Agency (NCA) has compromised Lockbit’s, one of the biggest cyber-criminal gangs in the world, systems and stole the group’s data surrounding its activities. Law enforcement took control of Lockbit’s website where the gang’s customers and affiliates were welcome with the words: “The site is under the control of the National Crime Agency of the UK, working in close co-operation with the FBI and the international law enforcement task force, ’Operation Cronos”.

“This operation to take down Lockbit appears to have incorporated some lessons learned from past operations. The operation penetrated deep into the network behind Lockbit and tried to uproot much if not all the elements in the Lockbit supply chain, as the notes left for crooks logging in to the platform indicate. That approach increases the chances that Lockbit will not resurface again, unlike other ransomware platforms recently, like Trickbot and ALPHV. Only time can tell whether this will be true.

“Although it is good news that the crypto money has been seized and two individuals have been arrested, it’s not a sign that we should lower our defenses. There are still other gangs out there, there is still a lot of inconsistency between countries related to cybercrime, and there is still money in the game. In fact, according to this report, successful cyberattacks resulted in unplanned expenses for 40% of respondents. So, companies should not scale down their efforts to protect their data, identities, and infrastructure. Heed the advice that an ounce of prevention is better than a pound of cure. Make sure that you have your accounts protected using MFA, that privileges are reduced to the minimum needed to do the job and exist only just-in-time, that your systems are hardened, and your vital data is secured. We will see whether Lockbit remains out of business, but for sure others are ready to fill the void.”