LockBit 5.0 expands targeting amid ransomware escalation | Computer Weekly

LockBit 5.0 expands targeting amid ransomware escalation | Computer Weekly

Briefly

""The rise in attacks in September could be a sign that the decline we've seen recently is now over," said NCC threat intelligence head Matt Hull. "As we approach the busy season for attackers - with Black Friday and Christmas fast approaching - organisations can't be complacent. Recent attacks on the transport and retail sector, specifically, have shown just how severe the disruption can be. "Organisations need to ensure they have robust third-party risk management, rapid incident response and proactive security strategies," he said."

"But while NCC's report says it is the Qilin, Akira and INC Ransom operations that currently dominate the landscape, intelligence from Check Point reveals that the at-large operators of LockBit are attacking organisations across the Americas, Asia and Europe with a LockBit 5.0 Chuongdong variant, and racked up at least a dozen victims in September. Once the most dominant ransomware as a service (RaaS) crews in NCC's datasets, LockBit was famously laid low by the UK's National Crime Agency in a coordinated, multinational sting dubbed Operation Cronos, which unfolded just over 18 months ago in February 2024. The gang had been responsible for up to a third of all data-leak site victim postings at that time."