We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

LockBit Ransomware Extorts US Organizations For $91 Million

LockBit Ransomware Extorts US Organizations For $91 Million
Author Image Zane Kennedy
Zane Kennedy Published on 16th June 2023 Cybersecurity Researcher

In a joint bulletin released by cybersecurity authorities from multiple countries, it has been revealed that the notorious LockBit ransomware gang has extorted a staggering $91 million from approximately 1,700 US organizations since 2020.

The bulletin was published by the US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and partner authorities from Australia, Canada, France, Germany, New Zealand, and the UK. Within, it details the observed common vulnerabilities and exposures (CVEs) exploited, as well as the tools, and tactics, techniques, and procedures (TTPs) used by the LockBit gang and its affiliates.

LockBit, a ransomware-as-a-service (RaaS) operation, has gained notoriety for its disruptive and prolific attacks. The cybercriminals have spared no critical infrastructure sector, targeting industries such as financial services, healthcare, manufacturing, transportation, and government and emergency services.

The Cybersecurity Advisory (CSA) that accompanied the bulletin indicated that LockBit attacks accounted for 18% of the total reported ransomware incidents in Australia, 22% in Canada, 23% in New Zealand, and 16% in the United States.

Since its emergence in late 2019, LockBit ransomware has undergone significant upgrades, including LockBit Red (June 2021), LockBit Black (March 2022), and LockBit Green (January 2023). The latest version, LockBit Green, incorporates leaked source code from Conti ransomware.

LockBit ransomware has evolved to target Linux, VMware ESXi, and Apple macOS systems. Noteworthy for its distinctive practices, LockBit incentivizes individuals to get tattoos of its insignia and has introduced the industry's first bug bounty program. The ransomware model involves core developers renting out their software to affiliates who carry out the attacks, with affiliates receiving ransom payments directly before sharing a portion with the main group.

The success of LockBit could be attributed to its continuous innovation and development. The ransomware operation provides a simplified, point-and-click interface for easy deployment, even by threat actors with limited technical expertise. LockBit even goes so far as to directly support affiliates with the deployment of their ransomware.

CISA recently issued a Binding Operational Directive 23-02 to mitigate the growing threat, mandating federal agencies to secure network devices exposed to the public internet and reduce the attack surface.

With LockBit's unwavering influence, global companies and governments must maintain vigilance and proactively enhance their cybersecurity defenses. Combating this persistent ransomware threat necessitates collaborative efforts and constant adaptation to safeguard critical systems and mitigate financial risks.

About the Author

Zane is a Cybersecurity Researcher and Writer at vpnMentor. His extensive experience in the tech and cybersecurity industries provides readers with accurate and trustworthy news stories and articles. He aims to help individuals protect themselves through informative content and awareness of cybersecurity's crucial role in today's digital landscape.