The US division of China’s biggest lender the Industrial and Commercial Bank of China was recently hit by a ransomware attack. This cyberattack disrupted trades in the U.S. Treasury market last week. Cybercriminal group LockBit, which has hacked some of the world’s largest organisations in recent months, claimed responsibility for the attack.
According to a report by news agency Reuters, a representative of the Lockbit ransomware gang said that ICBChas paid a ransom to the cybercriminals.A Lockbit representative via online messaging app Tox: “They paid a ransom, deal closed.”
How LockBit has turned out to be a threat
In a few years, the ransomware group LockBit has attacked several major organisations across the globe. The cybercriminal group has not only stolen sensitive data from these organisations but has also leaked them in cases where victims refused to pay ransom.
The group which was discovered in 2020 has become the world’s top ransomware threat, US officials have claimed. The attackers have been the most disruptive in the US as it has already hit over 1,700 organisations in the country in multiple sectors. This includes financial services food, schools, transportation as well as government departments.
Last week, Lockbit hackers published internal stolen data from aerospace major Boeing after the company refused to pay the ransom.
What is Lockbit 3.0 and how is it dangerous
CNBC reports that the founder of Swedish cybersecurity firm Truesec, Marcus Murray (as well as other publications have also reported) has said that the ransomware that has been used in the ICBC attack is called LockBit 3.0.
This type of ransomware can attack an organization in different ways. For example, it can enter when someone clicks a malicious link in an email. Once it gets in, it aims to extract sensitive information about a company.
According to a report by news agency Reuters, a representative of the Lockbit ransomware gang said that ICBChas paid a ransom to the cybercriminals.A Lockbit representative via online messaging app Tox: “They paid a ransom, deal closed.”
How LockBit has turned out to be a threat
In a few years, the ransomware group LockBit has attacked several major organisations across the globe. The cybercriminal group has not only stolen sensitive data from these organisations but has also leaked them in cases where victims refused to pay ransom.
The group which was discovered in 2020 has become the world’s top ransomware threat, US officials have claimed. The attackers have been the most disruptive in the US as it has already hit over 1,700 organisations in the country in multiple sectors. This includes financial services food, schools, transportation as well as government departments.
Last week, Lockbit hackers published internal stolen data from aerospace major Boeing after the company refused to pay the ransom.
What is Lockbit 3.0 and how is it dangerous
CNBC reports that the founder of Swedish cybersecurity firm Truesec, Marcus Murray (as well as other publications have also reported) has said that the ransomware that has been used in the ICBC attack is called LockBit 3.0.
This type of ransomware can attack an organization in different ways. For example, it can enter when someone clicks a malicious link in an email. Once it gets in, it aims to extract sensitive information about a company.
In a blog in 2022, the VMware cybersecurity team said that LockBit 3.0 is a “challenge for security researchers because each instance of the malware requires a unique password to run without which analysis is extremely difficult or impossible.”
The researchers also noted that the ransomware is “heavily protected” against analysis. The US government’s Cybersecurity and Infrastructure Security Agency calls LockBit 3.0 “more modular and evasive,” which makes it harder to detect.
As per the data by cybersecurity firm Flashpoint, LockBit is the most popular strain of ransomware. It has accounted for around 28% of all known ransomware attacks from July 2022 to June 2023.