This Monday, the Seville City Hall saw how all his computer Services They were suddenly paralyzed. The consistory had been the victim of a cyber attack that could expose very sensitive data of citizens, information that is now withheld. This computer aggression has been perpetrated by LockBita secret criminal band considered one of the greatest global threats in terms of cybersecurity.
LockBit is also a sophisticated family of ‘ransomware‘, as the computer viruses specialized in to kidnap data for which they later demand payment of a rescue economic. They are one of the most popular attack vectors. The more sensitive the information retained, the greater the blackmail power of the attackers. In the case at hand, they are demanding that the Andalusian council pay up to 1.5 million dollars.
This group is particularly active and aggressive. It is estimated that in 2022 it carried out a total of 764 successful cyberattacks. This year his shares have gone up. Among the victims of his method of extortion They include organizations from disparate fields such as Royal Mail, the United Kingdom postal service company, a children’s hospital in Canada, schools in the United States or the infrastructure of a tunnel in Australia.
Millionaire benefits
LockBit emerged in late 2019, when the group called itself ‘ABCD’. Since then, they have carried out attacks in countries such as the US, China, India, Germany, France, Indonesia and Ukraine. In some places they are also less commonly described by the name ‘Bitwise Spider’.
His method of digital kidnapping It is the pillar of a business as dark as it is lucrative. “LockBit members have obtained at least $100 million in ransom demands, and have also extracted millions of dollars in cash payments from their victims“, warned the United States Department of Justice in November of last year. More than a thousand organizations, companies and people around the world.
Professional criminals
Related news
These cybercriminals operate in a highly professional manner. The group would have a central unit that creates the computer virus and sells it to ‘affiliates’ who launch attacks against their targets. This operation is known as ‘ransomware as a service’. If the ‘affiliates’ manage to penetrate their victim’s defenses and obtain a large ransom they then share up to three quarters of that money with the other members of the group, according to the cybersecurity firm Kaspersky.
This organized method allows them to sell themselves as a prolific group, which in turn makes it easier for them to seduce and attract new members. “Of all the groups, they have probably been the most professional and that is, in part, the reason for their durability,” explained Brett Callow, threat analyst at antivirus company Emsisoft to ‘Wired’.