The group has targeted a wide range of critical infrastructure sectors, including financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. LockBit, a ransomware-as-a-service (RaaS) operation, has extorted $91 million from U.S. companies since 2020.
LockBit has been successful due to its innovation, continual development, and affiliate-support functions. The group has also been able to exploit vulnerabilities in network devices and Baseboard Management Controllers (BMCs) to gain access to victim networks.
In response to the growing threat of ransomware, CISA has issued a Binding Operational Directive (BOD) instructing federal agencies to secure network devices and implement other mitigations. CISA and the NSA have also issued an advisory highlighting the threats posed by BMC vulnerabilities.
Organizations can protect themselves from ransomware attacks by implementing the following security measures:
- Keep software up to date, including operating systems, applications, and firmware.
- Use strong passwords and multi-factor authentication.
- Segment networks to limit the spread of malware.
- Back up data regularly and keep backups offline.
- Have a plan to restore operations in the event of a ransomware attack.
Ransomware is a serious threat, but organizations can take steps to protect themselves. By implementing the security measures listed above, organizations can reduce their risk of being targeted by ransomware attackers.
Here are some additional details about the LockBit ransomware operation:
- The group is known for its use of double extortion, which involves encrypting victim data and stealing a copy of the data before demanding a ransom payment.
- LockBit has a large and active affiliate program, which allows the group to quickly deploy ransomware to a wide range of victims.
- The group has been known to leak sensitive data from victims who refuse to pay the ransom.
If you believe that your organization has been targeted by LockBit ransomware, you should immediately contact law enforcement and a cybersecurity incident response firm.