CISA Issues Cybersecurity Advisory on "Lockbit" Ransomware Attacks
The Cybersecurity & Infrastructure Security Agency ("CISA"), along with the FBI and international law enforcement agencies, described the "Lockbit ransomware variant" and recommended methods to mitigate the threat.
According to the Advisory, in 2022, "LockBit was the most active global ransomware group and RaaS [Ransomware-as-a-Service] in terms of the number of victims claimed on their data leak site." Lockbit allows developers to lease out ransomware and its control infrastructure to cybercriminals. CISA stated that Lockbit ransomware attacks vary in observed tactics, techniques and procedures due to the large amount of unconnected operation affiliates, which creates a "notable challenge" in maintaining network security and preventing attacks.
In addition, FINRA issued a Cybersecurity Alert, recommending that member organizations review the CISA Advisory as well as previously issued Regulatory Notice 22-29, containing ransomware guidance for member firms.
Available only to Premium subscribers.