Intelligent CISO Issue 71 | Page 49

LockBit, a notorious cybercrime gang that holds its victims’ data to ransom, has been disrupted in a rare international law enforcement operation.
The news has been confirmed by the gang itself and by US and UK authorities. The operation was run by Britain’s National Crime Agency (NCA), the US Federal Bureau of Investigation, Europol and a coalition of international police agencies, according to a post on the gang’s extortion website.
The international task force involved has been dubbed Operation Cronos. Officials in the United States, where LockBit has hit more than 1,700 organisations in nearly every industry from financial services and food to schools, transportation and government departments, have described the group as the world’s top ransomware threat.
Trend Micro assisted the NCA as part of a leading role in the disruption of Lockbit operations.
In collaboration with the NCA, Trend Micro analysed the in-development version of Lockbit (referred to as Lockbit-NG-Dev), effectively rendering the entire product line nonviable for criminals.
Trend Micro had protection in place for this upcoming malware product before the group completed testing.
The company said: “This proactive collaboration with the NCA ensures our customers face a future without Lockbit, which accounted for 25% of all Ransomware leaks last year – a substantial impact.
“While the Ransomware market may evolve, our long-standing trust and collaboration with law enforcement position us ahead of public knowledge, allowing us to proactively protect our customers. The recent discrediting of the group by the NCA and partners makes it clear that no rational criminal would want to be associated with them again.”
Robert McArdle, Director of Trend Micro’s Forward Looking Threat Research team, said: “We will release a publication looking at a new as yet unreleased version of the Lockbit encryptor that the group were working on, as well as recapping the history of recent issues and difficulties this group has experienced.
“While Lockbit were without doubt the largest and most impactful Ransomware operation globally, we hope that this disruption makes it very clear that all criminal affiliates should strongly reconsider any involvement with them in the future, and that in partnering with this organisation these associates have put themselves at increased risk of law enforcement action.”
Cybersecurity experts respond to the news
Javvad Malik, Lead Security Awareness Advocate at KnowBe4, said: “The takedown of LockBit’s darknet domains stands as a stark reminder of the relentless cat-and-mouse game between cybercriminals and law enforcement.
“Takedowns are not easy though, and it took the collaboration of Europol and many countries working together to infiltrate and dismantle the notorious group. The symbolic seizure banner displayed on LockBit’s .onion sites is a warning shot to other would-be criminals that they can’t stay safe forever.
“While the immediate aftermath of this operation marks a decisive blow to LockBit’s operations, the broader narrative it contributes to is one of persistence. In cybersecurity, as in all aspects of security, the goal is not to achieve an impenetrable barrier but to make the cost of attack so high that it becomes a deterrent. Yet, we must consider the resilience of these cybercriminal enterprises; history has shown us time and again their ability to adapt, evolve and resurface under new guises.
“In essence, while the takedown is a testament to what can be achieved through international co-operation and technical ingenuity, it also serves as a reminder to the industry. We must continue to bolster our defences, educate our workforce, share intelligence and refine our tactics for the digital age, for the threat landscape is ever-evolving.”
Greg Day, SVP and Global Field CISO at Cybereason, said: “Far too often, there’s talk about the ease with which cybercriminals operate online. However, this recent news serves as a prime example of the results achieved through diligent effort and collaboration behind the scenes. This involves co-operation among law enforcement agencies spanning different jurisdictions, navigating the complexities arising from varied laws.
“It also entails partnerships with telecom providers to grasp the intricacies of infrastructure and attack methodologies, collaboration with the
Robert McArdle, Director of Trend Micro’s Forward Looking Threat Research team
Javvad Malik, Lead Security Awareness Advocate at KnowBe4
Greg Day, SVP and Global Field CISO at Cybereason
Rebecca Moody, Head of Data Research at Comparitech