Classification of the LockBit breakup

B2B Cyber Security ShortNews

European and American law enforcement authorities have managed to arrest two members of the notorious LockBit group. This important strike against the ransomware group represents a significant step forward in the fight against organized cybercrime.

LockBit is one of the most well-known threat actors and, unlike many of its competitors, brazenly attacks even hospitals and critical infrastructure. With the arrest of two people and the ongoing investigation against the group's developers and partners, law enforcement authorities are sending a clear message to other malware operators: cybercrime has significant consequences.

Cybercrime groups are increasingly being exposed

The current arrest is just one of many in recent months. It illustrates the positive development in the area of criminal prosecution of cybercriminals. It was only in December that the FBI, together with international law enforcement agencies, seized BlackCat's servers and leak site. Recently, the FBI intercepted the Moobot malware deployed by Fancy Bear on Ubiquiti routers. The routers' firewall was reconfigured to prevent attackers from gaining access again. The FBI's involvement in the effort to take down LockBit shows how proactive the FBI and other law enforcement agencies are against cyber threats.

Taking down the two largest ransomware gangs, LockBit and BlackCat, has the potential to permanently alter the threat landscape by further driving the fragmentation and decentralization of cybercrime groups. This highlights the need for security teams to move away from traditional methods of detecting security breaches based on known indicators of compromise (IOCs). An approach that focuses on identifying tactics, techniques, and procedures (TTPs) is more sustainable because it takes into account the dynamic methods of threat actors and emerging threats. (Christian Have, CTO at Logpoint)


 


About Logpoint

Logpoint is the manufacturer of a reliable, innovative platform for cybersecurity operations. With the combination of advanced technology and a deep understanding of customers' challenges, Logpoint strengthens the capabilities of security teams and helps them combat current and future threats. Logpoint offers SIEM, UEBA, SOAR and SAP security technologies that converge into a complete platform that efficiently detects threats, minimizes false positives, autonomously prioritizes risks, responds to incidents and more.


 
