Eleven countries have joined efforts to crack down on one of the most prominent cybercrime organizations in the world.
This week, law enforcement agencies from around the world have worked to infiltrate the LockBit ransomware organization. The organization is known to be dominated by Russian individuals and does not attack former Soviet nations, but there is no evidence that it is backed by the Russian state.
According to the Department of Justice, it’s estimated that LockBit has made over $120 million and targeted over 2,000 victims around the world.
The Justice Department and FBI, alongside the United Kingdom’s National Crime Agency’s (NCA) Cyber Division, recently seized multiple websites used by LockBit and servers controlled by LockBit administrators. Both acts disrupt LockBit’s ability to attack and encrypt networks.
Two other major developments include the creation of decryption capabilities and the arrest of two individuals in conjunction with LockBit’s crimes.
First, the NCA has worked with the FBI and international law enforcement partners to develop decryption capabilities. Decryption allows victims of attack to access their data even if it is encrypted by LockBit, a common strategy for holding data ransom. The decryption tool is specifically designed for LockBit.
If an organization is impacted, it’s advised they contact the FBI at https://lockbitvictims.ic3.gov/ to determine if systems can be decrypted.
Next, the Justice Department unsealed two indictments against Russian nationals obtained in the District of New Jersey. The individuals, Artur Sungatov and Ivan Kondratyev, are charged with deploying LockBit against victims in the United States, Singapore, Taiwan, and Lebanon with a focus on manufacturing and some other industries. Kondratyev faces additional charges in the state of California. Neither individual has been tried or convicted; indictments are only allegations of charges.
FBI Director Christopher A. Wray said, “Today, the FBI and our partners have successfully disrupted the LockBit criminal ecosystem, which represents one of the most prolific ransomware variants across the globe… through years of innovative investigative work, the FBI and our partners have significantly degraded the capabilities of those hackers responsible for launching crippling ransomware attacks against critical infrastructure and other public and private organizations around the world.”
Wray further added, “This operation demonstrates both our capability and commitment to defend our nation’s cybersecurity and national security from any malicious actor who seeks to impact our way of life. We will continue to work with our domestic and international allies to identify, disrupt, and deter cyber threats, and to hold the perpetrators accountable.”
The LockBit disruption is a huge win for the Justice Department, NCA, and every other organization involved. Organizations like LockBit pose huge challenges for the organizations they victimize. Hopefully, efforts will continue to be successful as government organizations fight against cybercrime.
Related: HIPAA Compliant Email: The Definitive Guide