Illustration: Aïda Amer/Axios
One of the most prolific ransomware gangs of 2022 is already making headlines in the new year for successfully attacking critical infrastructure around the world.
Driving the news: In the last month, the ransomware gang has claimed responsibility for attacks on hospitals, shipping ports and local government offices.
Why it matters: LockBit’s continued success underscores the pervasive threat ransomware still poses despite years of government and industry investments to fight this type of cyberattack.
The big picture: The recent attacks add to a growing list of high-profile LockBit targets, including the 2021 attack on Accenture.
The intrigue: Part of LockBit’s continued dominance in the ransomware underworld stems from its incentives program, according to researchers at Trustwave’s SpiderLabs.
- The gang offers higher-than-average payouts to hackers who conduct attacks and operate a first-of-its-kind bug bounty program where hackers can report security vulnerabilities in company networks for a payout.
- LockBit is also constantly purchasing new hacking tools on the dark web to stay ahead of the curve, Trustwave researchers noted.
Between the lines: Trustwave forecasted in a report this week that LockBit would “remain the most active and effective group for the foreseeable future.”
Yes, but: Law enforcement agents are already investigating LockBit, and officials have had a strong track record in the last couple of years of spooking and shutting down prolific gangs.
- Prosecutors charged a dual Russian and Canadian national in November with working with LockBit.
- Deputy attorney general Lisa Monaco said at the time the arrest was the result of a more than 2.5-year investigation into LockBit.
Sign up for Axios’ cybersecurity newsletter Codebook here.