Lockbit continues its cybercriminal spree, this time reaching US territory again. The victim is Contra Costa County Employment & Human Services and the attack resulted in a massive data leak.
The attack took place on the 26th, but the victim only had time until the 28th to negotiate and reach a consensus with a Lockbit representative. Lockbit is known to be quite blunt and unbending in negotiations, so it is expected that the victim will refuse to pay.
This means that the attacker will publish the data on the DarkWeb, which could potentially impact the victim’s reputation and financial stability. However, this is pretty much the norm, as only a handful of victims accept to pay the ransom, which experts advise doing anyway.
The reason is that, by doing so, victims end up supporting the ransomware industry, as the attacker is then incentivized to stay active in the field. This is especially important in the case of a group like Lockbit that is notorious for its aggression and capabilities.
According to the latest investigation, Lockbit appears to be responsible for nearly 50% of all ransomware attacks.
We believe security online security matters and its our mission to make it a safer place.
Lockbit currently ranks as one of the most well-established ransomware actors in the world. The organization first became public in September of 2019 and quickly rose to previously unreached heights.
Two years later, Lockbit was already voted as the most prolific ransomware agency in the world. The organization racked up more than 1,700 victims and over $91 million in ransom payouts in less than 3 years of activity.
By comparison, most ransomware actors have a couple of hundred victims to their name at most.
So, who is Lockbit exactly? The answer is: nobody knows. This isn’t atypical, as all cybercriminal organizations today are anonymous. But it is atypical for a ransomware actor with such a long history in the business and such an active and aggressive profile.
This is proof that Lockbit is very well financed, with some suggesting governmental support. Some theories have linked Lockbit to Russia due to the group first appearing on a Russian-speaking forum.