LOCK BIT RANSOMWARE

Background

• It has recently been discovered that Mac devices are being targeted by LockBit ransomware.
• The LockBit gang is said to have been behind a cyberattack on UK postal services in January 2023 that halted international shipping.
• Ransomware is a type of malware that takes control of computer data and demands payment to restore it, usually in bitcoins.

About ransomware

• Ransomware like LockBit is malicious software that demands a ransom in order to prevent users from accessing computer systems. LockBit will search for important targets on its own, spread the infection, and encrypt all network-accessible computers. This ransomware is used to attack businesses and other organizations in very specific ways.
• LockBit, formerly known as "ABCD" ransomware, is a type of computer virus that infects a user's system and encrypts crucial files so that they cannot be accessed. The infection previously showed up in September 2019 and is known as a "crypto infection", since it requests installment in digital money to open the documents.

As a self-piloted cyberattack, LockBit attackers have made a mark by threatening organizations globally with some of the following threats:

• Operations disruption with essential functions coming to a sudden halt.
• Extortion for the hacker’s financial gain.
• Data theft and illegal publication as blackmail if the victim does not comply.
• LockBit is usually used to attack companies or organizations that can afford to pay a lot of money to get their files back.
• The people behind LockBit have a website on the dark web where they recruit members and release information about victims who refuse to pay.
• LockBit has been used to target companies in many different countries, including the U.S., China, India, Ukraine, and Europe.

Role of LockBit Gang:

• It is a group cyber criminals who use a ransomware-as-a-service model to make money.
• creates custom attacks for people who pay them and then split the ransom payment with their team and affiliates.
• They are known for being very prolific and avoiding attacking Russian systems or countries in the Commonwealth of Independent States to avoid getting caught.

LockBit targeting MacOS:-

• LockBit is targeting macOS as a way to expand the scope of their attacks and potentially increase their financial gains. While historically ransomware has mainly targeted Windows, Linux, and VMware ESXi servers, the gang is now testing encryptors for macOS.

• The current encryptors were not found to be fully operational, but it is believed that the group is actively developing tools to target macOS.
• The ultimate goal is likely to make more money from their ransomware operation by targeting a wider range of systems.

Cyber attacks in India:-

• Ransomware attacks have increased significantly in India, affecting approximately 82% of businesses by 2020.
• A few high-profile assaults have happened as of late, including the want to cry assault in 2017, an information break at Juspay that impacted 35 million clients, remembering those of Amazon for 2021, and all the more as of late a ransomware assault on AIIMS Delhi.
• In 2022, a significant cyberattack compromised the passport, ticket, and credit card information of 4.5 million Air India customers.

The Indian government took the following actions: -

• Indian digital wrongdoing coordination focus (I4C).
• Indian PC crisis reaction group (CERT-in).
• Cybersurakshit Bharati
• The Cyber Swachhata kendra
• The NCCC is the national coordination center for cyber security.
• Policy for cyber insurance.

Must Check: IAS Coaching In Delhi