ACSC warns of steep rise in LockBit ransomware attacks


By Dylan Bushell-Embling
Monday, 09 August, 2021

ACSC warns of steep rise in LockBit ransomware attacks

The Australian Cyber Security Centre (ACSC) has warned of an increase in attacks targeting Australian organisations using the LockBit ransomware.

In a threat advisory given a medium alert status, ACSC said it is aware of “numerous incidents” involving LockBit affiliates successfully deploying ransomware on corporate systems in Australia since 2020.

The LockBit ransomware as a service was updated in June to version 2.0 and allegedly bundled with a built-in information-stealing function known as ‘StealBit’, according to the advisory.

The majority of known victims in Australia have been reported after July, indicating a steep increase in threat activity.

LockBit attackers use the ‘double extortion’ technique involving both the conventional method of encrypting data as well as uploading stolen and sensitive victim information on the ‘LockBit 2.0’ dark net website and threatening to sell and/or release this information if ransom demands are not met.

Recently the ACSC has observed LockBit threat actors exploiting previously discovered vulnerabilities in the Fortinet FortiOS and FortiProxy products to gain their initial access to victim networks.

Attackers have successfully targeted corporate systems in a variety of sectors, including professional services, construction, manufacturing, retail and food. The ACSC warned that threat actors involved in ransomware activity are opportunistic in nature and are capable of victimising organisations in any sector.

Meanwhile, the operators behind the ransomware as a service have previously advertised partnership opportunities for threat actors that could provide credential-based accesses to Remote Desktop Protocol (RDP) and virtual private network (VPN) remote access solutions, giving them another attack vector.

Image credit: ©stock.adobe.com/au/pinkeyes

Related News

New Relic upgrades app security testing suite

The New Relic Interactive Application Security Testing solution has been upgraded with new...

Tenable introduces new GenAI capabilities

Tenable is using generative AI to help its customers discover, learn about and close attack paths...

ISACA launches Digital Trust Ecosystem Framework

ISACA has launched what it says is a global first framework to help organisations achieve digital...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd