Change in the Ransomware Status Quo?

A curiously uncorroborated claim by the famous Russian ransomware group LockBit is stirring up the news this week.  Their newest threat is the release of 33 terabytes of American citizens’ banking data, acquired in an alleged (by them) data breach of the U.S. Federal Reserve.  The question so far, however, is whether LockBit actually breached the Fed.  There has been as yet no confirmation of the act, and so the question remains unresolved.

The Federal Reserve has said nothing, and data security experts deny the plausibility.  Brett Callow, threat analyst at the cybersecurity firm Emsisoft, goes so far as to say it’s “likely complete and utter bollo … erm, nonsense, and a tactic designed to get its ailing RaaS (Ransomware-as-a-Service) back into the limelight.”

If this is indeed the current state of LockBit’s notoriety, it would be a far cry from just earlier this year, when the U.S. State Department offered a $15 million reward for any information that could lead to the arrest of LockBit members.  In a sudden reversal of the crime group’s fortunes, in May 2024 an accused leading member was indicted and sanctioned by the U.S., Britain and Australia; earlier this month, the FBI’s Cyber Division announced it now possesses over 7,000 LockBit decryption keys, which could allow for the free recovery of stolen and encrypted data.

Of course, even if LockBit’s position on top of the cybercrime food chain is in fact no longer secure, this is still just one group.  There remain countless other ransomware agents out there, as well as cabals of LockBit’s stature.  These include names like Clop, the group responsible for the massive MOVEit data breach that impacted New York public schools and is still sending out aftershocks.  BlackCat (ALPHV) targets Microsoft and Linux servers with its ransomware and is fond of a triple extortion strategy: threatening to share the stolen data if a ransom is not paid.

To ensure a solid data security stance and the maximum degree of protection, proactive measures like data encryption are required.  Banking on a federal miracle to save your data if your organization gets hit by ransomware is a losing proposition.  NetLib Security’s Encryptionizer transparently encrypts stored data right out of the box, mitigating the risk of hackers threatening to publicly expose your sensitive data if you don’t pay up.  Across all environments—physical, virtual and cloud—Encryptionizer provides a safety net for data when the network perimeter has been breached. 


By: Jonathan Weicher, posted on June 28, 2024
Originally published at: https://www.netlibsecurity.com
Copyright: NetLib Security