Lockbit went on a rampage recently, counting no fewer than 9 victims, spread across multiple countries. These are Senegal, France, India, Kuwait, and Spain. The target companies are active in different fields, such as transportation, health, and petrochemicals.
Ransomware attacks have been on a growing trend over the past year with one reason for that being the emergence of multiple new ransomware gangs. Lockbit is among the few gangs that have been around for several years.
The organization first appeared in 2020 and has come a long way since. The group is now responsible for around 25% to 33% of the total number of ransomware attacks. On a global scale.
Lockbit has targeted all industries with no clear-cut preference other than the ones that bring in the most money. The organization uses several MOs but prefers spear-phishing and direct attacks to gain access to their victims’ systems.
From that point on, everything goes smooth and to-the-point. The hackers encrypt the available files and exfiltrate the target data. They also leave behind a ransomware note, guiding the victim to their TOR network for contact.
If you’re unfamiliar with how ransomware attacks work, you may not realize the full extent of the danger. The most immediate and obvious problem is the data loss, combined with the entire encryption of your system.
You’ll need to either pay out the ransom (which can be quite hefty at times) or find alternative ways to regain access to your files. Then you need to consider getting the hackers to delete the stolen data. This is the second problem because most hackers won’t.
Despite them telling you otherwise, it’s been noted that many ransomware operators prefer to keep the stolen data, even if the victim pays the ransom. That’s because the victim can’t verify that. And because using the stolen data later down the line can be profitable.
Finally, we have the legal consequences to consider if you’re a business with one or more employees. It doesn’t sit well with the law to have your employees’ or customers’ data leaked to the Dark Web. Which is why many companies don’t report the breach.
As you can see, the fallout of a ransomware attack isn’t limited to your personal losses. And it’s not contained to the immediate consequences. The attackers may spread your information all over the internet, fueling additional future breaches.
So, it’s worth investing in protection and prevention. And knowing that, in the eventuality that everything fails, negotiating with the hackers should never be an option.
We believe security online security matters and its our mission to make it a safer place.