The largest suspected criminal ransomware outfit in the world has been targeted by an operation spearheaded by the UK. The National Crime Agency (NCA) has gained access to Lockbit's computers and taken its data. The organization is thought to have its headquarters in Russia and is, in terms of volume, the most active ransomware vendor, providing services to other lawbreakers. Lockbit's website had a notice stating that it was "now under control of law enforcement" on Monday night. According to reports, the operation is one of the biggest upheavals in the world of cybercriminals. The long-running operation has involved the FBI, Europol, and other nations, but it is the first of its sort to be conducted by the UK.
Hackers break into business and organization computers using Lockbit, locking users out until a ransom is paid. They frequently threaten to release the data they steal. The organization first appeared in 2019 and has since become a major force. According to some estimates, it makes up 20–25% of the ransomware business.
One of Lockbit's well-known alleged targets is Royal Mail, which experienced a disruption in international deliveries when it was attacked in January 2023. Significant financial consequences also befell Industrial & Commercial Bank of China (ICBC) in November of last year. Suppliers to the NHS, the legal firm Allen & Overy, and the aerospace giant Boeing are among the others that have reportedly been impacted. Law enforcement has been collecting data for some time as part of a covert operation, and on Monday night, they will move to a more public phase.
Technical specialists from the NCA had gained access to Lockbit's internal systems and taken command. They were able to obtain a significant quantity of the criminal group's own information regarding its operations by doing this. Given that many businesses refuse to acknowledge being hacked and occasionally have to pay a ransom, this data might also offer a unique perspective on the actual scope of the group's activity. When the operation entered its more transparent phase, law enforcement disclosed their infiltration to the public.
The National Crime Agency of the UK took control of the dark web site where Lockbit was promoting its operations. They replaced the emblems of the various law enforcement agencies with a message stating, "The site is under the control of the National Crime Agency of the UK, working in close co-operation with the FBI and the international law enforcement task force, 'Operation Cronos'." Graeme Biggar, the NCA's head, claimed during a press briefing on Tuesday morning that the organization was thought to be accountable for 25% of ransomware assaults in the previous year.
He implied that losses amounting to billions had resulted from the accidents. He said that there were thousands of victims worldwide, 200 of whom were known to exist in the UK, however it's possible that there were many more.
Lockbit operates through the sale of its illegal services, serving as an all-in-one solution for clients referred to as affiliates. These affiliates pay to obtain the malicious software and instructions necessary to perform the hacking operations. However, once law enforcement took action, affiliates attempting to access the website saw an additional notice informing them that Lockbit's internal data, which included victim details and the amount of money demanded, was now in the hands of law enforcement "and much, much more." Additionally, the letter says, "We may be in touch with you very soon."
There have been purported "take-downs" in the past, but the long-term effects were often limited because the criminal groups frequently reemerged shortly after law enforcement halted their internet operations. However, by targeting the group's reputation and diminishing its legitimacy, the people behind this operation want to make a bigger impact. The group uses branding extensively. People have even been paid to get tattoos of the Lockbit brand on their bodies.
The intention is to create mistrust by making affiliates aware that law enforcement now has their personal information and to create a rift between them and the Lockbit operators by leading other criminals to feel that cooperating with them in the future carries a risk due to the possibility of law enforcement monitoring. Those directly involved in the operation characterize the move as a "step change" in the response to cybercrime and state that they expect the UK will be much safer from cyberattack in the short and medium term.
About the Creator
GM Rabby
I am a Law Graduate from BPP University London.
Keep reading
More stories from writers in Criminal and other communities.
Puzzle of Life: The Case Without a Trace
“Unraveling the Enigma of an Unseen Foe” In the heart of London, nestled between the modern facades of bustling businesses, stood the antiquated building of the Metropolitan Police Service. Within its walls, Detective Inspector Lila Hartley sat at her desk, surrounded by case files that whispered secrets of the city’s dark underbelly. Her latest case, however, was unlike any other—a mystery that had begun to consume her every thought.
By Ivan Alfariji3 days ago in Criminal
High Rise, Deep Impact
I have witnessed a death that I relive every time I step into an elevator. Although it no longer affects me as deeply—given that it's been 11 years since the incident—it remains a heart- rending memory from my first and last day as a paramedic. My initial call to the scene involved a man who seemed to have fallen down the elevator shaft of a high-rise building. Alternatively, it might have been that the elevator moved upwards while he was working on it. Different scenarios were being considered when I arrived.
By Penelope Henain4 days ago in Writers
Comments
There are no comments for this story
Be the first to respond and start the conversation.