LockBit Seized - Major Victory For Global Cyber Security

Australia Aids In Operation Cronos - LockBit Takedown

A coalition of international law enforcement agencies, including the Australian Federal Police, have disrupted LockBit - a prolific ransomware group involved in recent cyber incidents such as the DP World hack and Citrix Bleed Vulnerability just to name a couple.

“As of today, LockBit are locked out. We have damaged the capability and most notably, the credibility of a group that depended on secrecy and anonymity.” Graeme Biggar, the NCA’s director general.

LockBit’s software is a malicious software notorious for disabling computer networks and facilitating ransomware demands. It infiltrates computer systems, encrypts files, and holds them hostage, demanding a ransom for their release. 

It is most infamous for being used against hospitals and schools, but is dangerous against any organisation regardless of type.

LockBit operates as a trailblazer in the realm of "ransomware as a service" (RaaS), innovatively outsourcing target selection and attacks to a network of semi-independent "affiliates." 

The organisation equips these affiliates with the necessary tools and infrastructure while earning a commission based on the ransoms collected in return.

 This distinctive model enhances the scalability and efficiency of cyberattacks, presenting a formidable challenge for cybersecurity efforts. 

By decentralising operations, LockBit not only facilitates a broader reach but also underscores the evolving and intricate nature of cyber threats in the modern landscape.

A Big Win For Global Collaboration And Security

“A beautiful site [sic]“, said Ciaran Martin, former head of Britain’s National Cyber Security Centre

On Tuesday the 20th of February, 2024, LockBit’s website was replaced with a message from international police forces reading 

“this site is now under the control of law enforcement”.

The law enforcement breach of LockBit's website, hosted on the "dark web" accessible through dedicated applications, stands as a rare public instance of Western countries intervening against hackers typically operating beyond their jurisdiction. 

“Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems,” said Graeme Biggar, the NCA’s director general.

This action highlights the challenge of addressing cyber threats that transcend geographical boundaries. 

The incident underscores the significance of cross-border collaboration in combating cybercrime and serves as a reminder of the ongoing efforts by law enforcement agencies to disrupt illicit activities in the digital realm, particularly when dealing with sophisticated entities like LockBit.