Security News > 2023 > June > LockBit victims in the US alone paid over $90m in ransoms since 2020

LockBit victims in the US alone paid over $90m in ransoms since 2020
2023-06-14 19:42

Seven nations today issued an alert, plus protection tips, about LockBit, the prolific ransomware-as-a-service gang, as the group's affiliates remains a global scourge, costing US victims alone more than $91 million since 2020.

The crew has been linked to Russia, and in May Uncle Sam sanctioned a Russian national, Mikhail Pavlovich Matveev, accused of using LockBit and other ransomware to extort a law enforcement agency and nonprofit healthcare organization in New Jersey, as well as the Metropolitan Police Department in Washington DC, among "Numerous" other victim organizations in the US and globally.

"Due to the large number of unconnected affiliates in the operation, LockBit ransomware attacks vary significantly in observed tactics, techniques, and procedures," the advisory notes.

Between January 2020 and the first quarter of 2023, a total of 1,653 alleged victims have been named on LockBit leak sites - although, according to the cyber agencies, this number only represents "a portion" of the affiliates' victims since it only includes those who refuse to pay.

In 2022, New Zealand received 15 reports of LockBit ransomware, representing 23 percent of the year's ransomware reports.

In 2022, 16 percent of the US State, Local, Tribal, and Tribunal government ransomware incidents reported to the MS-ISAC were identified as LockBit attacks.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/14/lockbit_joint_advisory/