LockBit, what is it?
The LockBit is malware designed to block users' access to computer systems and lift the block in exchange for a ransom. The ransomware automatically scans important resources, spreads the infection, and encrypts all accessible computer systems on a network. This ransomware is used for highly targeted attacks against companies and other organizations. (Kaspersky)
Why are we talking about LockBit?
After attacking Thalès, they announced that they had information and data on the Ministry of Justice in their possession. No fewer than 10,000 confidential files are said to have been stolen. Following this, they announced on their website that they would disclose them in two weeks. As a reminder, LockBit has been known for its attacks on large organizations and companies since 2019. Therefore, even though these are only claims at this stage, the Department of Justice has announced that it has launched an investigation.
The strength of LockBit
LockBit's strength lies in the fact that they offer an affiliate program to other cyber attackers. In other words, after their first version, they created LockBit 2.0, which offers an affiliate service. Affiliates can then use the ransomware on their own and receive a percentage of the revenue paid by the software's creators themselves. This makes the ransomware even more dangerous and lucrative due to its mass effect. Any profession, organization, or business can be targeted by the group or its affiliates at any time. In addition, it is fully automated, allowing it to spread quickly throughout the victim's network, identify important systems, and lock them down.
