{"id":62880,"date":"2024-02-21T21:01:16","date_gmt":"2024-02-21T21:01:16","guid":{"rendered":"https:\/\/news.pakistaninewspaperlist.com\/global-operation-smashes-most-harmful-cybercrime-group\/"},"modified":"2024-02-21T21:01:16","modified_gmt":"2024-02-21T21:01:16","slug":"global-operation-smashes-most-harmful-cybercrime-group","status":"publish","type":"post","link":"https:\/\/pakistaninewspaperlist.com\/news\/global-operation-smashes-most-harmful-cybercrime-group\/","title":{"rendered":"Global operation smashes \u2018most harmful cybercrime group\u2019"},"content":{"rendered":"<p><\/p>\n<div dir=\"auto\">\n<p>LONDON: An international operation led by the UK and US law enforcement agencies has severely disrupted \u201cthe world\u2019s most harmful cybercrime group\u201d, the Russian-linked ransomware specialist LockBit, officials announced on Tuesday.<\/p>\n<p>LockBit and its affiliates have targeted governments, major companies, schools and hospitals, causing billions of dollars of damage and extracting tens of millions in ransoms from victims.<\/p>\n<p>Britain\u2019s National Crime Agency (NCA), working with the Federal Bureau of Investigation, Europol and agencies from nine other countries in Operation Cronos, said it had infiltrated LockBit\u2019s network and taken control of its services.<\/p>\n<p>\u201cWe have hacked the hackers, we have taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems,\u201d NCA director general Graeme Biggar told reporters in London.<\/p>\n<blockquote class=\"blockquote-level-1\">\n<p>LockBit and its affiliates hacked govts, major firms, extracted tens of millions in ransoms from victims<\/p>\n<\/blockquote>\n<p>LockBit\u2019s website \u2014 selling services that allow people to organise cyberattacks and hold data until a ransom is paid appears \u2014 was taken over on Monday evening.<\/p>\n<p>A message appeared on the site stating that it was \u201cnow under control of law enforcement\u201d.<\/p>\n<p>\u201cAs of today LockBit is effectively redundant, LockBit has been locked out,\u201d Biggar said.<\/p>\n<p>The US Justice Department (DOJ) said the agencies had seized control of \u201cnumerous public-facing websites used by LockBit to connect to the organisation\u2019s infrastructure\u201d and taken control of servers used by LockBit administrators.<\/p>\n<figure class=\"media  sm:w-1\/2  w-full  media--right  media--embed  media--uneven\">\n<p>    <iframe class=\"nk-iframe\" onload=\"setInterval(()=&gt;{try{this.style.height=this.contentWindow.document.body.scrollHeight+'px';}catch{}}, 100)\" width=\"100%\" frameborder=\"0\" scrolling=\"no\" style=\"height:400px;position:relative\" src=\"https:\/\/www.dawn.com\/news\/card\/1764628\" sandbox=\"allow-same-origin allow-scripts allow-popups allow-modals allow-forms\"><\/iframe><\/p>\n<\/figure>\n<p>The NCA added that it had obtained more than 1,000 decryption keys and will be contacting UK-based victims in the coming days and weeks to offer support and help them recover encrypted data.<\/p>\n<p>Biggar said the network had been behind 25 per cent of all cyberattacks in the past year.<\/p>\n<p>LockBit has targeted over 2,000 victims and received more than $120 million in ransom payments since it formed four years ago, according to the (DOJ).<\/p>\n<p>Those targeted have included Britain\u2019s Royal Mail, US aircraft manufacturer Boeing, and a Canadian children\u2019s hospital.<\/p>\n<p>In January 2023, US law enforcers shut down the Hive ransomware operation which had extorted some $100m from more than 1,500 victims worldwide.<\/p>\n<p>Following that action, LockBit had been seen as the biggest current threat.<\/p>\n<p><strong>Dark Web<\/strong><\/p>\n<p>Hive and LockBit are part of what cybersecurity experts call a \u201cransomware as a service\u201d style, or RaaS \u2014 a business that leases its software and methods to others to use in extorting money.<\/p>\n<p>Ariel Ropek, director of cyber threat intelligence at cybersecurity firm Avertium, told <em>AFP<\/em> last year that this structure makes it possible for criminals with minimal computer fluency to get into ransomware by paying others for their expertise.<\/p>\n<p>On the so-called dark web, providers of ransomware services pitch their products openly.<\/p>\n<p>At one end are the initial access brokers, who specialise in breaking into corporate or institutional computer systems.<\/p>\n<p>They then sell that access to the hacker, or ransomware operator.<\/p>\n<p>But the operator depends on RaaS developers like Hive or Lockbit, which have the programming skills to create the malware needed to carry out the operation and avoid counter-security measures.<\/p>\n<p>Typically, their programmes \u2014 once inserted by the ransomware operator into a target\u2019s IT systems \u2014 are manipulated to freeze, via encryption, the target\u2019s files and data.<\/p>\n<p>RaaS developers offer a full service to the operators, for a large share of the ransom paid out, according to Ropek.<\/p>\n<p>When the ransomware is planted and activated, the target receives a message telling them how much to pay to get their data unencrypted.<\/p>\n<p>That ransom can run from thousands to millions of dollars, usually depending on the financial strength of the target.<\/p>\n<p>On Tuesday, the US unsealed an indictment against two Russian nationals, bringing to five the number of Russians it has charged in connection with LockBit.<\/p>\n<p>In May last year the US <a rel=\"noopener noreferrer\" target=\"_blank\" class=\"link--external\" href=\"https:\/\/www.cnn.com\/2023\/05\/16\/politics\/us-reward-russian-hacker\/index.html\">offered<\/a> a $10 million reward for information leading to the arrest of one of them, Mikhail Pavlovich Matveev.<\/p>\n<p>Biggar said a \u201clarge concentration\u201d of the cybercriminals are in Russia and are Russian-speaking but law enforcement agencies have not seen any direct support for LockBit from the Russian state.<\/p>\n<p>\u201cThere is clearly some tolerance of cyber criminality within Russia,\u201d he added.<\/p>\n<p><em>Published in Dawn, February 21st, 2024<\/em><\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>LONDON: An international operation led by the UK and US law enforcement agencies has severely disrupted \u201cthe world\u2019s most harmful cybercrime group\u201d, the Russian-linked ransomware specialist LockBit, officials announced on Tuesday. LockBit and its affiliates have targeted governments, major companies, schools and hospitals, causing billions of dollars of damage and extracting tens of millions in [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":62881,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"fifu_image_url":"https:\/\/i.dawn.com\/large\/2024\/02\/21091312c956ac1.jpg?r=091545","fifu_image_alt":"","footnotes":""},"categories":[13],"tags":[],"class_list":["post-62880","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-top-news"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/posts\/62880","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/comments?post=62880"}],"version-history":[{"count":0,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/posts\/62880\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/media\/62881"}],"wp:attachment":[{"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/media?parent=62880"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/categories?post=62880"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/tags?post=62880"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}