LOCKBIT RANSOMWARE (Syllabus: GS Paper 3 – Internal Security)

Context: The LockBit ransomware gang targeted National Aerospace Laboratories (NAL), threatening to leak the organisation's data if it failed to pay the “unspecified ransom”.

oIndia faced 2.6 million ransomware attacks, a rise of 133% in the past six months, placing India in the elite club of nations most affected by ransomware.

LockBit Ransomware

• Origins: LockBit, formerly identified as "ABCD" ransomware, is a malicious computer virus specializing in encrypting vital files, rendering them inaccessible upon infiltration.
• Crypto Demands: Emerging in September 2019, LockBit operates as a "crypto virus," demanding payments in cryptocurrency for the decryption of files it encrypts.
• Target Profile: LockBit predominantly targets affluent companies or organizations capable of paying substantial amounts to regain access to their encrypted files.
• Dark Web Presence: The individuals orchestrating LockBit operations maintain a dark web presence. They recruit members and disclose information about victims who refuse to comply with ransom demands.
• Global Impact: LockBit's reach extends across various countries, with documented attacks on companies in the U.S., China, India, Ukraine, and Europe.
• According to Report: LockBit ransomware group is the most active in India, being responsible for 13% of attacks.