LockBit, a notorious ransomware gang, has consistently targeted major corporations, with victims ranging from Boeing and DP World to the Industrial and Commercial Bank of China and Allen and Overy.
Recent revelations suggest that the hackers achieved their success by exploiting a vulnerability in Citrix Bleed on their NetScaler server, a flaw that had been patched a month prior. However, many companies overlooked the update, deeming the threat inconsequential at the time. This oversight provided LockBit with an opportunity to amass millions in ransom.
A noteworthy pattern in these cyberattacks is the involvement of young and talented hackers, often in their late teens or early twenties, between 21 and 23 years old. The question arises: How do these criminal organizations attract and recruit new talent?
The answer lies in the accessibility of young individuals who have recently graduated from college or completed professional degrees. These budding hackers can be enlisted at a relatively low cost through various online marketplaces. Once hired for a project or two, the criminal groups often sever ties with them to avoid detection by law enforcement.
Law enforcement agencies, such as the FBI, strongly discourage victims from paying ransoms. Not only does this practice perpetuate criminal activities, but it also offers no guarantee of receiving a decryption key. Moreover, there is no assurance that the stolen data will be deleted, as it may still reside on the servers controlled by the criminals.
To mitigate the risks associated with malware attacks, experts recommend implementing proactive measures. These include maintaining regular data backups, deploying threat monitoring solutions, and establishing an incident response team on premises. Taking these steps can significantly enhance an organization’s ability to protect itself against the growing threat of ransomware attacks.
