LockBit Ransomware Group Steps Up Their Game with Triple Extortion as the Next Evolution

LockBit Ransomware Group Steps Up Their Game with Triple Extortion as the Next EvolutionAfter suffering a taste of their own medicine as part of a response effort from victim organization Entrust, LockBit appears to have bounced back even stronger than before.

The LockBit ransomware gang has lead the way as one of the most prominent ransomware variants seen in attacks in the first quarter of this year. They’ve continued to follow the similar “encryption + data leak” strategy for many months – that is until they attacked and successfully stole data from security vendor Entrust.

According to Bleeping Computer, when the threat of posting the stolen data was made by LockBit, Entrust was involved in a DDos attack against LockBit’s servers to keep the data from being posted. But after recovering, it appears that LockBit is planning on utilizing DDoS as part of an ongoing triple extortion effort moving forward.

This means organizations that are hit by the ransomware variant will not only see operational disruption due to encryption, the threat of data being leaked, but advanced DDoS efforts to make the victim organization’s Internet-facing applications and systems inaccessible, further killing any operations that survive the ransomware attack.

We’ve seen DDoS used before, but it’s the first time LockBit has acknowledge it being a part of their attack plans.

Organizations need to take the repercussions of such attacks seriously, taking all steps necessary – including the addition of Security Awareness Training to enable users to help minimize the phishing attack threat surface – to keep attacks by LockBit (and any cybercriminal gang for that matter) at bay.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 23 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: Ransomware

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews