Significant concerns have been raised by cybersecurity experts over the leak of the LockBit 3.0 ransomware encryptor, which could be leveraged by other threat groups to create their own operations, reports The Record, a news site by cybersecurity firm Recorded Future.
Attackers leveraging LockBit's source code is a "near certainty," according to Symantec Threat Hunter Team Principal Intelligence Analyst Dick O'Brien.
"Other ransomware operators could replace their payloads with rebranded variants of LockBit and you could see some aspirant groups use this to launch their own ransomware operations," said O'Brien.
Similar sentiments were shared by Emsisoft threat analyst Brett Callow.
"As was the case when Babuks builder leaked, we may well see other threat actors use LockBits, which would obviously complicate attribution," Callow said.
However, O'Brien warned against exaggerating the potential impact of the leak.
"Attackers also need to have the capability to access the networks of a large pool of potential victims and also the ability to scale by creating the infrastructure needed for an affiliate program," he added.
SiliconAngle reports that ransomware attacks against the educational sector have significantly increased from 2018 to 2022 and are expected to reach a record high this year, with 85 attacks recorded during the first half of 2023 being almost two times higher than the same period in 2022.
Air Canada has confirmed being impacted by a data breach that compromised some of its employees' limited personal data and other records, reports The Record, a news site by cybersecurity firm Recorded Future.