National Crime Agency disrupts LockBit’s enterprise

Hogan Lovells

Hogan Lovells[co-author: Rachel Dalton]

The National Crime Agency fought back against Lockbit this week, affecting the groups administrative environment.

Coordinating with the FBI and international partners, the National Crime Agency (NCA) took control of LockBit’s primary administrative environment—preventing the group from building and carrying out cyberattacks. This operation, dubbed Operation Cronos, has now prevented Lockbit from providing ransom-as-a-service. LockBit is a ransomware gang that has been operation for four (4) years; the group is responsible for attacks against thousands of victims across the world. According to the U.S. Department of Justice, LockBit has claimed over 2,000 victims and received over $120 million in ransom payment in their four years of operation.

In addition to disabling the service environment, NCA also obtained LockBit’s source code and intelligence about their ransomware deployments and technique. NCA has disabled LockBit’s unique data exfiltration tool (known as Stealbit) as well as twenty-eight (28) of the group’s servers. When analyzing these seized servers, NCA discovered data from companies that had paid ransoms—meaning that LockBit did not honor its agreements with companies to delete data that was taken. Finally, NCA obtained over 1,000 decryption keys from LockBit and plans to contact known ransom victims over the next few weeks to assist in data recovery.

Two Russian nationals have been indicted for conduct associated with LockBit as a part of Operation Cronos, which took a coalition of ten countries and multiple months to coordinate. Operation Cronos marks a significant step toward crippling LockBit and ensuring the group does not continue their criminal operation.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Hogan Lovells | Attorney Advertising

Written by:

Hogan Lovells

Hogan Lovells on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide