top of page

Joint Cyber Advisory: Lockbit 3.0 Ransomware

Mar 23, 2023

New variant is nastier

Oakland’s nightmare continues as LockBit strikes again | Cybernews

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing a joint Cybersecurity Advisory to disseminate known LockBit 3.0 ransomware Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs). 

This is Katy Craig in San Diego, California.

Identified through FBI investigations as recently as this month, March 2023, LockBit 3.0 is part of an ongoing ransomware-as-a-service model that has been in operation since January 2020, with affiliates deploying this variant across a wide range of businesses and critical infrastructure organizations, including the embattled city of Oakland, which just recovered from a ransomware attack in February and got hit by LockBit in March. Lockbit actors employ a myriad of TTPs to obtain and gain access, so your best defense is good cyber hygiene and remaining vigilant to phishing attempts.

To reduce the likelihood or impact of these incidents, the cybersecurity advisory strongly recommends remediating known exploited vulnerabilities, training users to recognize phishing attempts, and enabling and enforcing phishing-resistant multi-factor authentication. Other best practices include closing unused ports, turning off hyperlinks in emails, adding a banner to emails that originate from outside your network, and so on. The full report with recommended mitigations is available on under cybersecurity advisories.

This is Katy Craig. Stay safe out there.

bottom of page