Ransomware Awareness – LockBit Ransomware Disrupted Following International Takedown Operation

In a joint operation known as “Operation Cronos,” international law enforcement partners collaborated in efforts to disrupt the notorious ransomware group known as LockBit. The U.S. Department of Justice Office of Public Affairs has issued a press release announcing the disruption of the gang along with indictment charges against two Russian nationals. 

A banner on LockBit’s data leak website reads:

“The site is now under the control of law enforcement. This site is now under the control of The National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force, Operation Cronos. We can confirm that LockBit’s services have been disrupted as a result of International Law Enforcement action – this is an ongoing and developing operation.”

Responsible for more than $120 million in ransom payments along with ransom demands in the hundreds of millions, LockBit is one of the most active ransomware groups in the world. According to The Record, “The group has far outpaced other ransomware gangs since it emerged in late 2019, with researchers at Recorded Future attributing nearly 2,300 attacks to the group. Conti — the second most active group — has only been publicly linked to 883 attacks.” LockBit has targeted a wide range of high-profile organizations worldwide including government institutions. The UK’s National Cyber Security Centre (NCSC) has stated in previous releases, “LockBit presented the highest ransomware threat to businesses in the UK.” For more information, access Bleeping Computer or the National Cyber Security Centre.