Lockbit 3.0: A threat to corporate IT security
Ransomware with a global reach
Since its appearance in 2019, Lockbit 3.0 has been one of the most formidable ransomware programs in the digital world. With over 1700 attacks listed worldwide since 2020, including renowned companies such as Thales, Continental and TSMC, its presence poses a serious threat to organizations IT security.
Decline of a giant
February 20, 2024 marked a turning point in the fight against this threat, with the dismantling of Lockbit during a vast international police operation named 'cronos'. Coordinated by Europol and the National Crime Agency, this investigation launched in 2022 resulted in the seizure of almost 200 crypto-currency wallets, the dismantling of 34 servers and the recovery of over 1,000 decryption keys worldwide.
Following this intervention, the LockBit 3.0 showcase site was no longer accessible, nor was the portal used for negotiations. Instead, an image was displayed with the message: "This site is now under law enforcement control".
An unexpected comeback
However, despite these efforts, Lockbit is still active. On February 25, 2024, the group relaunched its activities with a new showcase site based on the same structure as the old one, with already, new victims. In addition, a statement against the FBI and the 'cronos' operation was released.
Lockbit examined the vectors that facilitated the law enforcement operation. The head of the group acknowledged his errors, admitting "negligence" and "lack of responsibility" in delaying the update of Lockbit PHP servers. This oversight gave the authorities the opportunity to exploit a security flaw in the PHP programming language.
News
The General Security Regulation for Information Systems (RGS) is a normative framework established to ensure a high level of security for the information systems of French public administrations. Version 2 (RGS V2), the latest update, strengthens this objective by incorporating technical and organizational evolutions tailored to current threats. This article offers a comprehensive overview of the standard, its key requirements, practical applications, and its critical role in the field of industrial cybersecurity, including within essential sectors such as industry.
Industry 4.0 is transforming production processes through connected technologies. This evolution enhances the efficiency and flexibility of industrial chains. However, industrial systems are exposed to new threats, highlighting the challenges of industrial cybersecurity. In 2024, 43% of French organizations experienced at least one successful cyberattack. These attacks aim to disrupt operations, steal data, or compromise the security of critical infrastructures. In the face of these growing risks, implementing appropriate cybersecurity strategies becomes essential. This article outlines the main industrial cybersecurity challenges. It presents the risks, impacts, and solutions to strengthen the security of industrial infrastructures.
Critical infrastructures are essential to the smooth running of our modern societies. A failure or targeted attack against these systems could have disastrous consequences. From major economic disruption to threats to public safety. Given the increase in cyber-attacks targeting these infrastructures, industrial cyber-security plays a central role in protecting them. It is based on a set of strict standards and regulations. These aim to strengthen the resilience of industrial systems in the face of digital threats. This report describes the cybersecurity challenges facing critical infrastructures and the main threats they face. It also describes the technical solutions put in place to ensure their protection.
In a world undergoing rapid digital transformation, where even the smallest security flaw can be costly, the ISO/IEC 27005:2022 standard emerges as an essential safeguard for proactive risk management. Combining rigor and adaptability, this framework provides industrial organizations with a structured roadmap to identify, assess, and address threats to their informational assets. In this article, we will break down the key aspects of the standard, its benefits, and how it integrates into a broader security ecosystem.
Industry 4.0 is transforming production environments through the connectivity of OT (Operational Technology) systems, SCADA, Industrial IoT, and automated networks. However, this digital transformation also exposes critical infrastructures to increasingly sophisticated cyberattacks.