The Russian-speaking hacker group Lockbit, considered « the most harmful » in the world, continues to make headlines in the French news with sophisticated and destructive attacks. On April 16 2024, Lockbit 3.0 claimed responsibility for the attack on the Simone-Veil hospital center, demanding a ransom and threatening to disclose sensitive data. With over 2,500 cyberattacks to its credit, including 200 in France, Lockbit stands out for its aggressiveness and ability to cause significant damage to critical infrastructure.
Lockbit, founded by Russian hackers, operates on a lucrative ransomware-as-a-service (RaaS) model where 20% of the collected ransoms are paid to the creators of the malware. Their goal is to paralyze businesses and departmental councils to seize confidential data, which they then monetize at high prices. Although the « 1.0 » version of Lockbit was officially dismantled in February thanks to a coordinated international effort, the group has proven its resilience and continues to operate with formidable efficiency. According to cybersecurity experts, Lockbit’s adaptability and use of advanced encryption techniques make it particularly challenging to combat.
Despite several setbacks, notably “Operation Chronos” led by the UK’s National Crime Agency (NCA), which neutralized part of their activities in France and froze their cryptocurrency accounts, Lockbit persists. An international effort managed to lock down 34 servers used by Lockbit 1, demonstrating coordinated efforts to counter this threat. However, since June 2023, the group has carried out 7,000 attacks, highlighting that it is far from being eliminated and remains a serious and persistent threat.
With the cyberattack on the Cannes hospital, Lockbit has made a dramatic comeback, demonstrating their resilience and increased threat level. This move is intended to assert their dominance over rival hacker groups, emphasizing that they remain a leading force in cybercrime.
In Russia, the leader of Lockbit is now one of the most wanted cybercriminals in the world, with his identity revealed by authorities. Criticized even within hacker circles for the group’s relentless and harmful activities, he embodies the persistence and ingenuity of the modern cyber threat. The fight against Lockbit and cyberattacks in general is far from over, and the race for cybersecurity is intensifying. Companies and institutions must double their vigilance and strengthen their defenses to protect themselves against these increasingly sophisticated cybercriminals.
Sources :
Le groupe de cybercriminels Lockbit mis hors d’état de nuire – Gendinfo (interieur.gouv.fr)
LockBit leader unmasked and sanctioned – National Crime Agency
Youtube :
Europe 1. (2024, May 8). Hackers de «Lockbit» : Europol et le FBI dévoilent l’identité du cybercriminel le plus recherchéhttps://www.youtube.com/watch?v=Pg4h3AAjb4Q
FRANCE 24. (2024, February 21). Le groupe de hackers “le plus nuisible” au monde démantelé par une opération internationale https://www.youtube.com/watch?v=25WgoUm8-SQ