Introduction
The growing reliance on digital platforms has led to an exponential increase in cybercrime, including ransomware attacks. One infamous player in this field is LockBit ransomware that has been causing havoc globally and more recently, targeting Mac devices.
Understanding LockBit Ransomware
LockBit, formerly known as “ABCD” ransomware, is a malicious software that encrypts important files on a victim’s computer, rendering them inaccessible. Appearing first in September 2019, this crypto virus demands payment in cryptocurrency to unlock the compromised files. Primarily targeting companies or organizations with substantial financial resources, the LockBit gang operates through a website on the dark web where they recruit members and disclose information about victims who refuse to pay.
The Modus Operandi of LockBit
LockBit hides its harmful files by masquerading them as harmless image files. This malicious software gains access to the company’s network by posing as someone trustworthy. Once inside the network, it sabotages any recovery mechanism and locks all files. With the only decryption key in the possession of the LockBit gang, victims are often left with no option but to pay up for their data.
Who are the LockBit Gang?
The LockBit gang comprises cybercriminals who use a ransomware-as-a-service model to profit. Specializing in creating customized attacks for paying clients, they share the ransom money amongst their team and associates. They are infamous for their prolificacy and for actively avoiding attacks on Russian systems or countries in the Commonwealth of Independent States for fear of getting caught.
Why is macOS being targeted?
With the objective of broadening the scope of their attacks and potentially increasing their earnings, the LockBit gang has set its sights on macOS. Although ransomware has mainly targeted Windows, Linux, and VMware ESXi servers in the past, the gang is now actively developing tools to target macOS.
Recent Instances of Cyberattacks in India
India has witnessed a significant surge in ransomware attacks, with roughly 82% of companies affected in 2020. Some notable incidents include the WannaCry attack in 2017, a data breach at Juspay affecting 35 million customers, including Amazon’s in 2021, and more recently, a ransomware attack on AIIMS Delhi in Dec 2022.
Government Initiatives for Cyber Security
To safeguard against these cyber threats, the Indian government has initiated several measures. This includes the establishment of the Indian Cyber Crime Coordination Centre (I4C), the Indian Computer Emergency Response Team (CERT-In), the Cyber Surakshit Bharat initiative, the Cyber Swachhta Kendra, the National Cyber security Coordination Centre (NCCC), a Cyber Insurance Policy, and the Kerala Government’s Cyberdome Project.
Protection Measures against LockBit Ransomware
Potential victims can fortify their defenses against LockBit ransomware by employing strong passwords, utilizing multi-factor authentication, reassessing account permissions, and creating system-wide backups. By limiting user permissions and ensuring that web domains, collaborative platforms, web meeting services, and enterprise databases are secured, there can be a significant reduction in these cyber threats. Creating offline backups of crucial data at regular intervals can protect against permanent data loss.
