LockBit 3.0 Ransomware Attacks
Global Attacks
June 4, 2024
NJCCIC Public/Private Sector IT-Security Professional Members,
LockBit ransomware has long held a dominant position at the forefront of the most active and prevalent threats in the cyber landscape. Since its debut in the ransomware arena in 2019 with its first version, LockBit has orchestrated numerous attacks targeting entities across diverse sectors, regardless of their size or global location. The threat group behind LockBit operates as a Ransomware-as-a-Service (RaaS), allowing affiliates to deploy the ransomware and share profits with the operators behind the ransomware service. The Cybersecurity and Infrastructure Security Agency (CISA) has shared multi-part activity reports from the Israel National Cyber Directorate (INCD) related to LockBit 3.0 activity observed within Israeli Cyberspace. The report contains a large number of indicators of compromise (IOCs), details on the observed activity, and a technical deepdive into LockBit 3.0. CISA recommends agencies and organizations review the reports for pertinent information that can be used to protect themselves from LockBit 3.0.
Reporting
The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form at www.cyber.nj.gov/report.
For any further questions, contact us here at Cyber Command.