![]() Treasury Department imposed sanctions on Sungatov and Kondratyev in what was called the first in an "ongoing collaborative effort” with the Justice Department, FBI and international partners targeting LockBit. Kondratyev allegedly used it against municipal and private targets in Oregon, Puerto Rico and New York and other victims in Singapore, Taiwan, and Lebanon, while Sungatov allegedly deployed it against manufacturing, logistics and insurance companies in Minnesota, Indiana, Puerto Rico, Wisconsin, Florida and New Mexico. federal agencies released an advisory that attributed about 1,700 ransomware attacks in the United States since 2020 to LockBit and said victims included municipal governments, county governments, public higher education and K-12 schools and emergency services.Īrtur Sungatov and Ivan Kondratyev, the two indicted Russians, are accused of deploying LockBit against manufacturing companies in the U.S. Biggar said the numbers will be “significant underestimates.” Officials told reporters the gang targeted 2,000 victims worldwide. Influenced by specialty firms they hire to respond to attacks, victims generally resist admitting publicly that ransomware is to blame. “Today we have dealt a decisive blow not only to their operation, but also importantly, to their reputation," said Europol’s deputy executive director of operations, Jean-Philippe Lecouffe.Ĭybersecurity experts wondered how much detail law enforcement obtained on LockBit affiliates' negotiations with victims, including who quietly paid ransoms and how much. “These are criminals,” he said, although the lack of a Russian crackdown indicates that Moscow tolerates the gang's activity. Officials suggested that LockBit could have hundreds of members but there's no evidence that a state such as Russia is behind the syndicate, Biggar said. LockBit is dominated by Russian speakers and does not attack former Soviet nations. crime agency, the operation aimed to steal all of LockBit’s data and then destroy its infrastructure, causing a “significant major degradation” of the cybercrime threat. Over the long term, Callow said, this operation alone will not diminish the volume of ransomware attacks.Ī rare offensive cyber-operation for the U.K. While it will likely spell the end of the brand, such groups routinely re-emerge under new names. The operation is “probably the most significant ransomware disruption to date,” said analyst Brett Callow of the cybersecurity firm Emsisoft. They obtained the Lockbit platform's source code and a trove of intelligence on people the gang worked with. The rest are still wanted.Īuthorities said they seized servers that the gang used to organize and transfer victim data, and gained access to nearly 1,000 potential decryption tools. Three Russians were previously indicted, with two of those taken into custody, one in Canada and one in the U.S. Tuesday's announcement brings to five the number of people the U.S. It is difficult to combat as most gangs are based in former Soviet states and out of reach of Western justice. Ransomware is the costliest and most disruptive form of cybercrime, crippling local governments, court systems, hospitals and schools as well as businesses. LockBit has been linked to attacks on the U.K.’s Royal Mail, Britain’s National Health Service, airplane manufacturer Boeing, international law firm Allen and Overy and China’s biggest bank, ICBC. The group accounted for 23% of the nearly 4,000 attacks globally last year in which ransomware gangs posted data stolen from victims to extort payment, according to the cybersecurity firm Palo Alto Networks. ![]() LockBit, operating since 2019, has been the most prolific ransomware syndicate two years running. Law-enforcement agencies said they infiltrated and disrupted LockBit, arresting two people involved with the prolific ransomware syndicate that has extracted $120 million from thousands of victims around the world. Attorney Philip Sellinger, second left, and Graeme Biggar, director general of Britain's National Crime Agency, center, are among law enforcement officials appearing at a press conference to outline the details of a law enforcement operation against the ransomware syndicate LockBit in London, Tuesday, Feb. The message said the NCA was “working in close cooperation with the FBI and the international law enforcement task force, Operation Cronos." The ongoing operation also involves agencies from Germany, France, Japan, Australia, New Zealand and Canada, among others, including Europol, it said. Hours before the announcement, the front page of LockBit's dark-web leak site was replaced with the words “this site is now under control of law enforcement,” alongside the flags of the U.K., the U.S. ![]() By clicking Sign up, you agree to our privacy policy. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |