DailyPost 2700
LOCKBIT NEARER HOME
If you don’t get any news of a major cyber attack for a week or so, be rest assured something has gone wrong. It might be that the incident/s have not been deliberately reported or may have been hushed up after payment of ransom. In all ransomware attacks the Catch22 situation does not get sorted out; to go by the law enforcement agencies, not pay the ransom and face the consequences thereof; recovery time, quantum of data recovery suspect, losing trust of customers and what not or cough off the ransom and get going. Getting hacked is the new normal. Even after paying the ransom, it is not necessary that data recovery will be full and complete.
It can also happen that data would have been copied / stored and can be used for a variety of purposes, monetising it. The danger of a second attack close on heels of the first one, even if the ransom is paid off, always lurks. The data is in its favour. Now we have the news of LockBit orchestrating a cyber-attack on known Indian broker Motilal Oswal. The current version *“LockBit 3.0 ransomware is an evolution of the prolific LockBit ransomware-as-a-service (RaaS) family, which has roots that extent back to BlackMatter and related entities.
This prolific ransomware gang has now claimed to have hacked Motilal Oswal, one of India’s top brokerage firms. The authorities have confirmed that they are aware of it and the investigation in underway. Motilal Oswal was added to LockBit’s dark web leak site, as per the listing there, validated by TechCrunch. It is known practice among cyber criminals to use leak sites to extort ransom payments from victims. LockBit has also claimed that it has accessed “confidential company data.” While the company decided not to respond but did not dispute the incident.
It is not known whether the company is experiencing any operational disruption. The company has around six million customers across numerous cities and holds assets under advice of about $53 billion. India’s Computer Emergency Response Team, or CERT-In told TechCrunch that it was aware of the matter. It also assured that it is “already in process of taking appropriate action.” Since 2022 LockBit hits the worldwide charts of ransomware attacks. It is a Russia linked ransomware gang and has the dubious distinction of attacks on TSMC, Accenture and Foxconn. It is now new to India either. Last year it attacked Indian pharmaceutical company Granules India and also the state-owned National Aerospace Laboratories.
NO PREVENTION, NO CURE, SEEMS TO BE THE NATURE OF THIS NEW AGE CRIME.
Sanjay Sahay
Have a nice evening.