With ransom payments and data recovery expenses totalling billions of pounds, there are over 200 victims in the United Kingdom and thousands more internationally.
Five Russian nationals have been accused by US authorities in connection with a worldwide operation aimed at dismantling a notorious cybercrime syndicate that demands ransom for the data of its victims.
The National Crime Agency (NCA) and a coalition of international police agencies, including the FBI, have seized control of the extortion website associated with Lockbit, causing significant disruption.
Some of the world’s largest organisations, including Royal Mail, which experienced significant disruption following an attack in early 2023, have been compromised by the gang and its affiliates.
Graeme Biggar, director general of the NCA, declared that a ten-nation international law enforcement coalition had “hacked the hackers” and brought down a ransomware website that was extremely prolific.
He stated at a press conference in Westminster that Lockbit was responsible for 25% of attacks in the previous year and had been the most prolific ransomware group over the previous four years.
There are thousands of victims worldwide, in addition to over 200 victims in the United Kingdom, who have suffered billions of pounds in ransom payments and data recovery expenses. Prominent organisations and public services, including hospitals, are among the targets.
In September of last year, when the private security firm Zaun was the target of an attack, sensitive military information was compromised.
Lockbit, according to Mr. Biggar, received no direct support from the Russian government, despite the fact that cybercrime is tolerated there.
Five Russian nationals have been charged by US authorities, of which two are in custody: Mikhail Vasiliev, who is awaiting extradition proceedings in Canada, and Ruslan Magomedovich Astamirov, who is in the United States.
Mikhail Pavlovich Matveev, Artur Sungatov, and Ivan Kondratyev, the remaining three, remain unapprehended.
In Poland and Ukraine, two individuals have been apprehended, and over two hundred cryptocurrency accounts that are suspected to be associated with the organisation have been suspended.
Monday’s announcement on the organisation’s website stated, “The National Crime Agency of the United Kingdom has assumed control of this site in close collaboration with the Federal Bureau of Investigation and the international law enforcement task force ‘Operation Cronos’.”
The exceptional law enforcement operation received assistance from Europol, as well as other international police organisations hailing from France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland, and Germany.
“Don’t miss out! Grab your free shares of Webull UK today!”
Paul Foster, deputy director of the NCA, remarked that the organisation maintained an aesthetically pleasing website with devoted clients and even executed a fruitful marketing campaign in which individuals with Lockbit logo tattoos were offered $1000.
He claimed that cybercriminals with minimal technological expertise could utilise the organisation’s digital extortion tools with only a few mouse keystrokes.
Mr. Biggar stated, “We have hacked the hackers, seized their source code, and seized control of their infrastructure in order to obtain keys that will assist victims in decrypting their systems.”
“As of today, Lockbit is no longer accessible. Our actions have significantly undermined the credibility and operational capacity of an organisation that relied heavily on confidentiality and anonymous operations.”