Mar 23, 2023
New variant is nastier
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-075a
Oakland’s nightmare continues as LockBit strikes again | Cybernews
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing a joint Cybersecurity Advisory to disseminate known LockBit 3.0 ransomware Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs).
This is Katy Craig in San Diego, California.
Identified through FBI investigations as recently as this month, March 2023, LockBit 3.0 is part of an ongoing ransomware-as-a-service model that has been in operation since January 2020, with affiliates deploying this variant across a wide range of businesses and critical infrastructure organizations, including the embattled city of Oakland, which just recovered from a ransomware attack in February and got hit by LockBit in March. LockBit actors employ a myriad of TTPs to obtain and gain access, so your best defense is good cyber hygiene and remaining vigilant to phishing attempts.
To reduce the likelihood or impact of these incidents, the cybersecurity advisory strongly recommends remediating known exploited vulnerabilities, training users to recognize phishing attempts, and enabling and enforcing phishing-resistant multi-factor authentication. Other best practices include closing unused ports, turning off hyperlinks in emails, adding a banner to emails that originate from outside your network, and so on. The full report with recommended mitigations is available on CISA.gov under cybersecurity advisories.
This is Katy Craig. Stay safe out there.