It couldn’t have happened to a nicer bunch of cybercriminals
15th April 2024 | Modified: 16th April 2024Categories: Security
It seemed for a long while, that cyber criminals were always getting away with stealing people’s data, but not anymore. It took global cooperation involving the FBI, Europol and others to destroy the number one gang in cybercriminal activity, LockBit.
The cybercriminals would have woken up to start their business of ruining people’s lives and businesses, walk into their offices and find out exactly what it is like for the countless millions of companies that are broken into every day of the week, around the world.
The world’s largest criminal ransomware gang (Lockbit) have not only been infiltrated by the UK’s National Crime Agency (NCA) but they have had their data stolen”
There is a distinct irony in the message that was put on their computer screens by the NCA, which informed the criminals that their systems were:
“now under the control of law enforcement”
The NCA took control of the hackers’ administrative functions that have allowed them to make such attacks. The NCA were also able to capture the gang’s source code and a significant amount of intelligence about how the criminals operate. So, hopefully, this will stop or, certainly limit the gang’s capacity to launch any further attacks; for a while at least.
LockBit have been around since about 2019, they have been one of the most prolific names when it comes to hacking into a company’s networks. Their Modus Operandi is to first infiltrate and then encrypt all of your critical files.
They would then send the hacked company a ransom demand, typically asking for Cryptocurrency or Monero. If the victim stands up to the gang and refuses to pay, LockBit will then threaten to release the normally sensitive data onto the dark web.
Historically, the gang have targeted large corporations, hospitals, medical facilities and government agencies have all been in their crosshairs. They operate as a ‘ransomware as a service’ (RaaS), where affiliates can use it to conduct attacks.
The most famous ransom hack experienced here in the UK was back in January 2023, when the gang targeted Royal Mail International’s postal service. Months of disruption followed.
Royal Mail, a 500-year-old Company, decided not to pay LockBit after weeks of negotiations with the extortionists. This strategy meant that Royal Mail would not receive the decryption key from the criminals. (A decryptor is a piece of code, that will reverse the unreadable ciphertext that your data has become). What is particularly annoying is, that cybercriminals will often steal your money but then not release the stolen data back to the rightful owner.
Ransomware is a piece of malicious software, which enters the host, typically as a phishing email. Once the email is clicked on and activated, the malware will then encrypt all files, on your network. It is estimated that LockBit has made at least upwards of $100m in ransom demands.