Experts: LockBit ransomware could be next target for disruption

CyberScoop reports that experts believe that the LockBit ransomware operation, which just threatened to leak data stolen from U.K. shipping service Royal Mail, could be the next target of law enforcement agencies for a takedown following the disruption of the Hive ransomware gang. Recent high-profile attacks by LockBit, which include an attack of an affiliate against the Hospital for Sick Children in Toronto, could have raised its profile to law enforcement entities around the world, which have agreed to crack down on ransomware operators, according to Emsisoft threat analyst Brett Callow. "I wouldn't be at all surprised to discover that LockBits operation had been subject to a Hive-like infiltration. Law enforcement agencies are getting better and better at counter-ransomware operations and every arrest they make and every bit of intel they collect helps them take action against other groups and individuals," said Callow. Significant action against LockBit is also being expected by Recorded Future intelligence analyst Allan Liska. "You cant be this big for this long as a [ransomware-as-a-service] group without attracting a lot of unwanted attention," Liska added.