LockBit cyber crime group disrupted by National Crime Agency

LockBit – a cyber crime group which has been responsible for attacks in Jersey – has been disrupted by the UK’s National Crime Agency (NCA).

On Monday 19 February, the UK’s National Crime Agency (NCA) announced that it had disrupted the ransomware group LockBit as part of Operation Cronos.  They did this by taking over LockBit’s website to announce their action. The operation also involved the FBI, Europol and other international police organisations from France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland and Germany

LockBit specialise in ransomware attacks: this involves stealing sensitive information from an organisation, then threatening to release the data unless the organisation pays a significant sum of money. The group is known to be one of the most prolific ransomware groups in the world, and has targeted organisations around the world, including in the UK and in Jersey.

Following the NCA announcement, a LockBit representative has claimed that the group has backup servers that are not affected by this action.

Matt Palmer, Director of Jersey Cyber Security Centre said: “It’s encouraging progress that the NCA and its partners have been able to disrupt a prominent ransomware group: it is no doubt the result of many hundreds of hours of work from all the organisations involved. However, while this is good news, it doesn’t alter the overall cyber risks facing Islanders.

“LockBit are only one of many cybercrime groups operating today and all of those groups pose a very real risk to the Island. That is why it remains vital for all organisations to have the right level of cyber security controls in place.”

Find out more about the controls you can put in place to protect your organisation.