Jobaaj Stories
In a series of high-profile cyberattacks, the LockBit ransomware gang has caused widespread disruption, with its most recent breach targeting Industrial & Commercial Bank of China Ltd. (ICBC), the world's largest lender by total assets.
The attack, revealed on Thursday, temporarily blocked certain Treasury market trades, prompting a rerouting of transactions and raising concerns about the vulnerability of financial institutions.LockBit, operating as a "ransomware as a service" enterprise, has been active since at least 2020, amassing a list of victims exceeding 1,000 globally and extorting over $100 million in ransom payments, as reported by the US Justice Department. The group's ties to Russia are noted, with members active on Russian-language cybercriminal forums.
The unique modus operandi of LockBit involves core hackers developing malware and tools, which are then provided to freelance cybercriminals who carry out the attacks. In return, LockBit receives a commission, typically around 20% of the ransom paid by victims. This decentralized and business-like approach has contributed to the group's notoriety.
Also read: Israel-Hamas Conflict Persists into Second Month Amid Cease-Fire Debate
LockBit's ransomware tactics involve infiltrating systems, encrypting data, and demanding payment for decryption. Victims, spanning Europe, the US, China, India, Indonesia, and Ukraine, face the threat of data leaks to pressure compliance. The group constantly updates its malicious software to evade detection by cybersecurity products.
The extent of LockBit's operation, including the number of individuals involved and their locations, remains unknown. The group claims not to target post-Soviet Union countries, emphasizing its roots in that region.
Also read: IIT Kanpur Team Set to Propose Artificial Rain Plan for Delhi's Air Pollution
Surprisingly, ICBC's targeting is unexpected, given the Chinese government's cryptocurrency trading ban—hackers' preferred payment method. China's historical alignment with Russia has also made it a less common target for groups with Russian ties. However, cybersecurity experts speculate that if the targeting proves to be an error, LockBit might assist in recovery by providing free decryption, as it has done in the past when unintended victims were affected.
Also read: WeWork India responds amid WeWork Global files for Bankruptcy
LockBit, known as the most deployed ransomware in 2022, has shown no political affiliations, stating that its actions are purely business-driven. As a result, the attack on ICBC has sent shockwaves through the financial world, prompting calls for enhanced cybersecurity measures among global banks.
