LockBit is recruiting employees to breach corporate networks

Topic

New Reply

https://www.acronis.com/en-us/cyber-protection-center/posts/lockbit-recruiting-employees-breach-corporate-networks/

The ransomware arms race continues to thrive as LockBit gangs recruit corporate insiders to help them breach and encrypt networks, offering employees hefty payouts in exchange for their help.

LockBit recently made news when they hit the UK’s Merseyrail this past April. In the last few days, the Australian Cyber Security Centre (ACSC) announced that LockBit 2.0 has infected multiple organizations across various industry sectors…

Payouts can mean big bucks!
Arriving on the cybersecurity scene in September 2019, LockBit is a unique, self-spreading ransomware-as-a-service that does not require the attacker to be live in a network to be effective. While it does not get big headlines like other groups, LockBit is effective. The ransoms tend to be lower and partnering with insiders is easy because they share 70-80% of the ransomware payment with their recruited affiliates.

For businesses of all sizes, this recruiting strategy is alarming because from time to time, every business has a disgruntled employee that may be receptive to making this kind of money, albeit their participation in this kind of activity is a felony. And with the proliferation of remote work, data accessibility is on the rise, making it more widely available and increasing the risk that employees may inadvertently or intentionally leak sensitive, confidential information to unauthorized parties outside the organization…

Reply | Quote