'Lockbit' digital gang named top ransomware threat by US, 6 other nations

The United States and six other countries on Wednesday identified the digital extortion gang operating under the "Lockbit" banner as the world's top ransomware threat.

| Updated on: Jun 15 2023, 07:23 IST
Worried about cyber fraud! Check out Zero Trust Security Strategy
1/5 Productive workplace through remote or hybrid work: Enabling remote work for employees while maintaining security is crucial. Multifactor authentication tools can safeguard remote devices against credential breaches, while single sign-on and passwordless authentication methods can enhance employee satisfaction and efficiency. (AP)
2/5 Prevent or reduce business damage from a breach: By adhering to the three Zero Trust principles, Security Operations (SecOps) teams can maintain visibility across all assets and endpoints, quickly triage alerts, and initiate remediation. (Unsplash)
image caption
3/5 Need to identify and protect sensitive business data and identities: Data encryption, access, and identity control limit which data can be accessed and by whom, and micro-segmentation limits attackers' ability to access or share sensitive data. (Unsplash)
image caption
4/5 Address compliance requirements: The Zero Trust model provides the necessary visibility and control to ensure compliance with regulations like GDPR, HIPAA, and CCPA. (Unsplash)
image caption
5/5 Empower innovation and digital transformation: With Zero Trust, organizations can securely embrace cloud technologies, IoT, and other emerging technologies while mitigating risks. (Unsplash)
icon View all Images
Ransomware threats far surpass the preventive capacities of traditional security solutions and human-only teams. (AFP)

The United States and six other countries on Wednesday identified the digital extortion gang operating under the "Lockbit" banner as the world's top ransomware threat.

In a joint advisory, U.S., Canadian, British, French, German, Australian and New Zealand cyber authorities said Lockbit's extortion software, used to scramble victims' data until a ransom is paid, was the most broadly used by cybercriminals.

"In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023," the advisory said, adding that the gang and its affiliates "have negatively impacted organizations, both large and small, across the world."

Ransomware has been an online threat for years and the business around it has become increasingly sophisticated. Lockbit is one of several groups that uses an affiliate model, effectively letting other cybercriminals use its code and infrastructure in return for a cut of the profits.

The advisory only cited hard figures from three countries, with 1,700, Lockbit-related incidents reported or confirmed in the United States, 69 in France and 15 in New Zealand. But Lockbit accounts for a big chunk of the ransomware incidents tracked by all seven governments, according to advisory, which said the agencies involved attributed somewhere between 11% to 23% of all recent ransom-seeking hacks to the group.

German, Canadian and Australian officials did not immediately return messages seeking further details and figures. British authorities declined to comment.

It makes sense to describe Lockbit as a top ransomware actor, said Brett Callow, an analyst with cybersecurity company Emsisoft. He said the figures cited in the advisory were "likely significantly understated."

Callow added that the global cooperation that went into the advisory was an encouraging sign.

"I don't recall so many agencies collaborating on an advisory before," he said. "It's great to see." 

Follow HT Tech for the latest tech news and reviews , also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 15 Jun, 07:23 IST