Ransomware - Sat Jan 14th, 2023 - LockBit in the spotlight - What You Need to Know

Published on January 14, 2023

Royal Mail is experiencing severe service disruption to their international export services following a cyber incident.

Yesterday, we learned that this disruption was caused by a LockBit ransomware attack. LockBit has grown to be the largest ransomware operation.

A service update posted on Royal Mail’s website dated January 14th says it still can’t send packages internationally. “Royal Mail is experiencing severe service disruption to their international export services following a cyber incident,” it reads. “We are temporarily unable to despatch items to overseas destinations. We strongly recommend that you temporarily hold any export mail items while we work to resolve the issue.”

LockBit Definition

LockBit ransomware is malicious software designed to block users from accessing their computers until a ransom is paid. LockBit automatically selects valuable targets, spreads the infection, and encrypts all accessible computers on a network. It is used in highly targeted attacks against specific organizations. As a self-directed cyberattack, LockBit has threatened organizations around the world with dangers including the following:

  • A disruption in the normal course of business that causes essential functions to come to a halt abruptly.
  • Extortion for the hacker's financial gain.
  • The perpetrator can steal personal information and publish it as blackmail if the victim does not comply.

How to protect against LockBit ransomware

Ultimately, you’ll have to set up protective measures to ensure your organization is resilient against any ransomware or malicious attacks from the outset. Here are a few practices that can help you prepare:

1. Strong passwords should be implemented. Many account breaches occur because passwords are easy to guess, or simple enough for an automated tool to discover within a few days of probing.

2. Activate multi-factor authentication. Deter brute force attacks by adding layers atop your initial password-based logins.

3. Reassess and simplify user account permissions. Restrict permissions to stricter levels so that potential threats cannot pass undeterred. Pay special attention to those accessed by endpoint users and to IT accounts with admin-level permissions.

4. Clean out outdated and unused user accounts. Some older systems may have accounts from past employees that were never deactivated and closed.

5. Ensure system configurations follow all security procedures. This may take time, but revisiting existing setups may reveal new issues and outdated policies that put your organization at risk of attack.

6. Always have system-wide backups and clean local machine images prepared. Incidents will happen and the only true safeguard against permanent data loss is an offline copy.

7. Be sure to have a comprehensive enterprise cyber security solution in place. While LockBit can try to disable protections once inside a system, enterprise cyber security protection software would help you catch file downloads across the entire organization with real-time protection.
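Items 2 to 4 can be checked against an account inventory. The following is an added example, not part of the original post: it audits a CSV export for enabled accounts that are stale, never used, or missing MFA, and labels admin accounts separately. The column names, the 90-day threshold and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from datetime import date, datetime, timedelta

# Constructed sample export; the column names are assumptions, not a real directory schema.
SAMPLE_EXPORT = """username,enabled,last_logon,is_admin,mfa_enabled
alice,true,2023-01-10,false,true
bob,true,2022-03-02,false,true
carol,true,2023-01-12,true,false
dave,true,2021-11-20,true,false
erin,false,2020-06-01,false,false
frank,true,,false,true
"""


def _flag(value):
    """Interpret a CSV cell as a boolean; anything other than 'true' is False."""
    return value.strip().lower() == "true"


def audit_accounts(export_text, today, stale_after_days=90):
    """Return {username: [findings]} for enabled accounts that need review."""
    cutoff = today - timedelta(days=stale_after_days)
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        if not _flag(row["enabled"]):
            continue  # already deactivated, nothing to clean up
        issues = []
        is_admin = _flag(row["is_admin"])
        last_logon = row["last_logon"].strip()
        if not last_logon:
            issues.append("never-used")  # provisioned but never logged on
        elif datetime.strptime(last_logon, "%Y-%m-%d").date() < cutoff:
            # Item 4: unused accounts; item 3: privileged ones matter most.
            issues.append("stale-admin" if is_admin else "stale")
        if not _flag(row["mfa_enabled"]):
            # Item 2: password-only logins.
            issues.append("admin-without-mfa" if is_admin else "no-mfa")
        if issues:
            findings[row["username"]] = issues
    return findings


if __name__ == "__main__":
    for user, issues in audit_accounts(SAMPLE_EXPORT, date(2023, 1, 14)).items():
        print(f"{user}: {', '.join(issues)}")
```
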

LockBit ransomware, see links for further information:
