September 01, 2022  —  Eric Swotinsky
Incident reports

LockBit gang plans triple-extortion tactics

The LockBit ransomware gang has announced that it is working to take its operation to the triple-extortion level. The gang is now looking to add DDoS as an extortion tactic on top of encrypting data and exfiltrating it (to threaten future leaks).

After a cyberattack against security giant Entrust, the attackers began to consider these changes. LockBit released a torrent called “entrust.com” with 343 GB of files, including legal documents, marketing spreadsheets, and accounting data. The initial ransom demand in this case was $8 million, though it later dropped to $6.8 million.

Last week, LockBit demanded a ransom of $10 million from The Center Hospitalier Sud Francilien (CHSF) — a 1000-bed hospital located 28km from the center of Paris, which serves an area of 600,000 inhabitants.

The Active Protection included in Acronis Cyber Protect detects and blocks ransomware from LockBit and other groups, keeping your data safe from encryption or extortion.