Expert Comments

Comment: LockBit Ransomware Self-spreads To Quickly Encrypt 225 Systems

Expert(s): Security Experts
Expert(s): Security Experts

Bleeping Computer is reporting that a feature of the LockBit ransomware allows threat actors to breach a corporate network and deploy their ransomware to encrypt hundreds of devices in just a few hours. Started in September 2019, LockBit is a relatively new Ransomware-as-a-Service (RaaS) where the developers are in charge of the payment site and development and ‘affiliates’ sign up to distribute the ransomware. As part of this setup, the LockBit developers earn a percentage of the ransom payments, typically around 25-40%, while the affiliates receive a more significant share at about 60-75%.

Experts Comments

May 06, 2020
James McQuiggan
Security Awareness Advocate
KnowBe4
Often, during times when there are cases of ransomware, it's due to a successful social engineering phishing attack. In this instance, it was due to a brute force attack against a VPN configuration to the administrator’s password. Namely, the criminal group was able to sit at the front door of the building and spend several days picking the lock without being noticed. Organisations want to establish robust procedures for administrative VPN access into their network with either multi-factor.....Read More
Often, during times when there are cases of ransomware, it's due to a successful social engineering phishing attack. In this instance, it was due to a brute force attack against a VPN configuration to the administrator’s password. Namely, the criminal group was able to sit at the front door of the building and spend several days picking the lock without being noticed. Organisations want to establish robust procedures for administrative VPN access into their network with either multi-factor authentication or a solid password of 30 characters or more to reduce the risk of a brute force attack. Additionally, it's essential to fortify that front door by having all external, internet-facing software up to date to avoid possible exploitation, providing the criminal groups with an easy way into the network.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

Booz Allen Report On CISOs And China Quantum Computing Risks,...

Experts Reactions On Sky Broadband Hack Warning

Ransomware Set To Break Records This Black Friday 2021

The Changing Face Of The COO Role

Security Expert On Apple Suing NSO Group

Meta Delays Plans To Rollout End-to-end Encryption

NCSC Issues Black Friday Warning To Tetailers

How The Zelle Fraud Scam Steals Your Bank Credentials

GoDaddy Data Breach Impacts Over A Million Users, Experts Reactions

Utah Imaging Data Breach – Expert Comments

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts