Share this article on:
The Australian Cyber Security Centre has issued an alert following a reported increase in the number of LockBit 2.0 ransomware attacks across Australia.
One of the nation’s peak cyber security bodies this week issued an alert following a reported increase in the number of Australian entities targeted by LockBit 2.0 ransomware.
According to the ACSC, the victims of the attacks have been from numerous different industries, with those targeted receiving demands for payments following the encryption of data.
In fact, the malicious actors have even gone as far as to threaten victims that their data will be published.
ACSC explains that malicious actors have been targeting Australian organisations with LockBit since 2019.
“LockBit (AKA LockBit 2.0, ABCD) is a ransomware variant first detected in September 2019, used by cyber criminals targeting multiple sectors and organisations around the world, including Australia. LockBit is offered as a ransomware-as-a-service (RaaS), enabling affiliates to utilise it as desired, provided a percentage of the illicitly gained profits are shared with the LockBit operators as commission. This profile provides information covering the LockBit ransomware’s background, recent initial access indicators, targeted sectors, and mitigations advice,” a report by the cyber security agency warned.
According to the ACSC, the malicious actors utilise a “double extortion” technique.
“LockBit affiliates are known to implement the ‘double extortion’ technique by uploading stolen and sensitive victim information to their dark website ‘LockBit 2.0’, and threatening to sell and/or release this information if their ransom demands are not met. This is intended to coerce the victim into paying the ransom demand. The ‘LockBit 2.0’ site is hosted on The Onion Router (Tor) network, enabling greater anonymity to LockBit threat actors hosting illicitly obtained material.”
The agency encourages anyone who has been the victim of ransomware to come forward to the ACSC.
[Related: FBI advises against banning ransomware payments]