The LockBit ransomware gang's website has been taken down by the National Crime Agency (NCA) of the UK, in collaboration with the FBI and the international law enforcement task force, Operation Cronos. This action was confirmed by an unnamed NCA spokesperson. The NCA splash screen, which has replaced the gang's website, lists participating countries in the operation, including Canada, France, Japan, Switzerland, Germany, Australia, Sweden, the Netherlands, and Finland.
LockBit, a notorious cybercrime operation, has been targeted by law enforcement agencies for some time. This recent action comes after the November 2022 arrest of Mikhail Vasiliev, who pleaded guilty to multiple charges involving cyber-extortion, mischief, and weapons offenses in Canada. The U.S. is seeking his extradition to face charges there.
The LockBit gang has been known for its long-running cybercrime operations and its ability to evade law enforcement. However, this recent disruption is seen as a significant blow to the group. Brett Callow, a ransomware threat analyst at Emsisoft, described it as "likely the most significant disruption of a ransomware operation to date." He added that while this action will not solve the ransomware problem entirely, it is a significant win for law enforcement.
LockBit has been a major player in the ransomware landscape and was the most active global ransomware group in 2022, according to a joint background paper released by cybersecurity agencies from seven countries last June. The U.S. estimated that LockBit had received $91 million in ransoms from victim organizations in the country alone since January 2020. In Canada, LockBit was responsible for 22% of attributed ransomware incidents in 2022.
While this disruption is a positive development, experts caution that ransomware remains a significant threat. Cybercriminals continue to evolve their tactics, and there is a need for ongoing collaboration between law enforcement agencies and the private sector to combat this threat effectively.