LOCKBIT RANSOMWARE (Syllabus: GS Paper 3 – Internal Security)

News-CRUX-10     29th December 2023        

Context: The LockBit ransomware gang targeted National Aerospace Laboratories (NAL), threatening to leak the organisation's data if it failed to pay the “unspecified ransom”.

oIndia faced 2.6 million ransomware attacks, a rise of 133% in the past six months, placing India in the elite club of nations most affected by ransomware.

LockBit Ransomware

  • Origins: LockBit, formerly identified as "ABCD" ransomware, is a malicious computer virus specializing in encrypting vital files, rendering them inaccessible upon infiltration.
  • Crypto Demands: Emerging in September 2019, LockBit operates as a "crypto virus," demanding payments in cryptocurrency for the decryption of files it encrypts.
  • Target Profile: LockBit predominantly targets affluent companies or organizations capable of paying substantial amounts to regain access to their encrypted files.
  • Dark Web Presence: The individuals orchestrating LockBit operations maintain a dark web presence. They recruit members and disclose information about victims who refuse to comply with ransom demands.
  • Global Impact: LockBit's reach extends across various countries, with documented attacks on companies in the U.S., China, India, Ukraine, and Europe.
  • According to Report: LockBit ransomware group is the most active in India, being responsible for 13% of attacks.