LockBit ransomware has cost victims millions in the US alone

News
By Sead Fadilpašić
published

New report sheds light on one of the most prolific ransomware gans out there

Ransomware attack on a computer
(Image credit: Kaspersky)

The notorious LockBit ransomware gang has stolen approximately $91 million just from victims in the United States since 2020, making it one of the most successful, if not the most successful, ransomware threats out there.

The news comes from a joint advisory, published earlier this week by the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, Multi-State Information Sharing and Analysis Center (MS-ISAC), and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, France, and New Zealand.

Thousands of victims

As per the advisory, in the last three years, the group successfully compromised roughly 1,700 American organizations. Last year alone, some 16% of all attacks targeted State, Local, and Tribunal (SLTT) governments, MS-ISAC’s data shows. So municipal governments, counties, educational institutions, and public service organizations, were some of the most popular targets. 

"In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023," the report claims.

Read more

> Port of Lisbon hit by ransomware attack

> Data breached at LA Housing Authority after ransomware attack

> These are the best malware removal tools at the moment

But LockBit wasn’t entirely focused on these organizations. Private sector firms of all shapes and sizes were being targeted, as well: "Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation."

As per CSO Online, LockBit first formed in 2019, under the name ABCD, given to the group after the file extension that was left on encrypted files. It quickly rose to prominence, and by 2020, it was up to version 2.0. This variant of the encryptor was “the most impactful and widely deployed ransomware variant” to be observed in Q1 2022, according to researchers from Unit 42, Palo Alto Networks’ cybersecurity arm

While the official number of victims is around 1,700, the group itself claims to have compromised more than 12,000 organizations.

Via: BleepingComputer

Sead Fadilpašić
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.