The ransomware gang that's a global threat | About That

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
foreign odds are you're going to be hearing a lot more about lockbit in the news logbit had carried out cyber attacks against important infrastructure like hospitals and large industrial groups across the world if it's a type of ransomware a program cyber criminals use to hack into different organizations extract and encrypt their data then demand huge sums of money for them to get it back but now lockbit is Public Enemy Number One ransomware and you know lockbit is part of uh as part of this challenge is a multi-billion dollar integrated Global industry that threatens the security of you know critical institutions and infrastructure last Thursday the U.S Department of Justice announced criminal charges against a Russian national they say is responsible for attacks on four continents just a few days earlier the cyber security arm of the U.S Department of Homeland Security put out a joint advisory with the FBI and six other countries including Canada Germany France and the UK saying in 2022 lockbit was the most deployed ransomware variant across the world and continues to be prolific in 2023 and no wonder in just a few years they've hit businesses big and small according to reports the print is in the Royal Mail sorting office suddenly started spewing out messages from the lock bit ransomware gang saying your data are stolen and encrypted and demanding payment to sort the situation out they've crippled critical Targets in finance food and agriculture education energy one of the biggest dental care insurance providers in the US got hacked and criminals got a hold of private data on more than nine million Americans in the UK their National Postal Service got hit hard hackers demanded 80 million dollars and in Canada they hit a children's hospital last month SickKids Hospital was hit with a ransomware attack its Network systems shut down for weeks thousands of attacks worldwide potentially hundreds of millions of dollars extorted but some wonder whether the group is getting too big and too Reckless and though it is one of the most successful and prolific cyber extortion gangs on the planet they've now got a giant Target painted on their backs lock bit at its core is software that works like a lot of other malware [Music] the entry point may be a sophisticated phishing scam to extract someone's username and password or an email that comes in with a rotten link or they just hack your system or guess your password either way there's an in from there the hacker solidifies their position they establish the secure and consistent channel of communication between their computer and the computer they're hacking then it's about chipping away using what Bare Bones access they have to gradually unlock more and more important parts of the system so it's kind of like breaking into someone's house maybe step one was tricking the person into giving you their address once you've got that you go visit and notice that their window was wide open so you slip inside suddenly you've got access to their whole house but you still can't get into the safe that is until you find the combination written on a piece of paper inside a desk drawer in the world of hacking that's lateral movement and privilege escalation once you do that you can properly execute the attack you copy the data from the victim's computer so you have it too you destroy any backups they have you encrypt what they've got left locking them out of their own data then the negotiations begin as a hacker you want money they want the key to unlock their files uh but there are a few key reasons why lockbit in particular stands out wide scene is such a threat one is sheer volume those seven governments who put out that joint advisory last week estimate up to a quarter of all recent ransomware attacks use lock bit software because in part it's so easy to use he wanted to create something kind of like apple where it just worked it's all point and click you know put in the domain you know search for vulnerabilities and exploit that was John DiMaggio he's a security strategist and he spent ages researching lockbit even going undercover on the forums that they use and yeah everything I've read and heard about lockpit is that it's actually quite a sophisticated almost professional business they write the software update it run the servers provide tech support and then license their code to hackers who launch the actual attacks lockbit charges for this up front and if the attack Works they get a cut of the action too reportedly about 20 percent there's even a term for this business model it's called ransomware as a service this enables them to scale much like any business you don't want to be the only person selling your products you want a whole network of resellers now like any business lockbit needs customers and over the years it's gone to some interesting lengths to Hype the brand for example it once offered a thousand bucks U.S to anyone who'd get a lock bit tattoo they have bug bounties meaning they'll pay anyone criminal or legit researcher who helps them find holes or flaws in their software and as a bit of bravado they famously promised a million dollars to anyone who could correctly identify the lock bit big boss a man shrouded in secrecy someone whom we only know from their username lock bits up every time something happens when you when the best thing to do would be to just be quiet no you got locked but the the leader himself out there posting to the forums the criminal forums talking about things and saying things that you probably shouldn't say and getting other criminals spun up but this aggressive expansion doesn't come without problems every publicity stunt every Innovation every update to locknit software brings in new hackers lockbit calls them Affiliates new groups of people shrouded in their own anonymity who have different goals different tactics different ethics lockbit doesn't control what they do how much they demand from their victims or who they hit and that becomes a very difficult very dangerous game one that's severely backfired late last year [Music] oh the hospital was hit by what it calls a code gray Sunday night that means a system failure sick kid says it's still working to bring all impacted systems back online sick kids is a teaching and research hospital for children in Toronto but last December a crippling lockbit attack on its systems which caused delays to Medical images and lab tests affected internal systems mangled phone lines the website it was a mess several internal phone lines and web pages went down and clinical teams ran into delays accessing patient lab and imaging results but this particular attack was also against lockbit's internal code of conduct for its members if you can believe they have one apparently there's a rule no attacks that might lead to death and the thought that lockpit might be more than criminal that it was evil for attacking children you know this was a PR nightmare if cyber criminals are willing to attack a chill Children's Hospital they're willing to attack any institution nothing is out of bounds or uh for these criminals who wants to be seen to be paying the ransom to a groupless attacks a hospital for some kids lochbit actually said sorry for the attack we formally apologize they said in a written post on their blog and that they'd give back the decrypter for free and said the person responsible for the attack is blocked and no longer in our affiliate program but the damage was done I think there's a significant question as to whether that apology is genuine in my view uh it isn't we've seen lockbit attack vulnerable institutions and and leverage uh the vulnerability uh of individuals and populations to advance it's it's you know it's criminal activities before it took weeks for sick kids to restore priority systems and even if nobody died as a result it all only added to the notion that lockbit is dangerous and that every additional day it is allowed to exist is one too many I don't think people realize how common ransomware incidents are or they share magnitude of the days of the gets stolen and released online lockbit has for years flown so effectively under the radar partly because victims stay quiet most people think any estimate we come up with for how many businesses they've extorted would just be a dramatic undercount there's a lot of shame in this game you know nobody wants to admit that they were relaxed enough with their security to be hacked but now lock bit is on everyone's radar lock bit has uh uh you know has significant uh well-documented uh uh affiliations with uh Russia these ransomware gangs uh operate uh with the tacitic acknowledgment even approval of uh Sovereign governments that are not uh allied with the West that in fact want these ransomware gangs to uh attack uh Targets in the west and are quite willing to to let them do so and quite willing you know to to shelter uh attackers uh within their borders uh from uh extradition and from the reach of Western Law Enforcement and the bigger they get the more they brag hitting critical high visibility targets the higher and higher the stakes seem to we'll be right back
Info
Channel: CBC News
Views: 4,051
Rating: undefined out of 5
Keywords: Ransomware, lockbit, cybersecurity, CBC News, about that, andrew chang, cbc, cbc news, cbc explore, exploreapp
Id: V3xP9IH_R2I
Channel Id: undefined
Length: 10min 48sec (648 seconds)
Published: Mon Jun 19 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.