The cyberattack that brought Fulton County systems to their knees in late January has entered a new chapter, as international law enforcement agencies, including the UK's National Crime Agency and the FBI, launch a significant counteroffensive. On Monday, they shut down a website operated by a group of cybercriminals — identified as LockBit 3.0 — who earlier claimed responsibility for the Fulton County ransomware debacle, as FOX 5 Atlanta reported.
Caught by the hack, the county's phone, court, and tax systems, along with the jailhouse, became the unsuspecting victim of what officials believe to be a financially motivated assault. During a statement, Robb Pitts, Fulton County Board of Commissioners Chairman, conveyed the breadth of the impact: "A number of our primary technology platforms are affected by this incident." The veiled threat came last week from the LockBit group, asserting that they would leak the data pilfered in the attack unless a ransom was paid by February 16, though it remains unclear if Fulton County yielded to the demand. This information comes from FOX 5 Atlanta.
Brett Callow, a threat analyst with Emsisoft, shed light on the potential ripple effects of darkening the website of LockBit 3.0 in an interview. "It is probably the most significant disruption to date," he said of the international operation targeting the ransomware operators. Known for a Ransomware-as-a-Service (RaaS) business model, LockBit facilitates affiliates who then conduct attacks using their malicious toolset, splitting proceeds with 20% going to the group responsible for creating the ransomware while the affiliates retain the lion's share of 80%. The 11Alive interview also highlighted that the average ransom demanded has spiked to over $1 million in recent years, a stark increase from the $5,000 average seen half a decade ago.
While details remain scant, the gang's website takedown signifies a growing trend of law enforcement's improving ability to derail criminal cyberactivities. According to the U.S. Cybersecurity and Infrastructure Security Agency, since LockBit first appeared on the U.S. scene in 2020, they've been behind more than 1,700 attacks and have pocketed north of $90 million. "People who are involved in ransomware are not as safe as they used to be," Callow detailed, noting that the operations are far-reaching, striking across sectors like government, healthcare, and education. The full extent of the LockBit takedown will unravel following a press conference set in London on Tuesday, where insights into the international law enforcement action are anticipated to be unveiled, as per information shared by 11Alive.
Amidst the chaos, Fulton County is struggling yet determinately working to fortify its cyber defense mechanisms. As they grapple with the repercussions of the cyber siege, officials have yet to disclose if personal information of citizens was indeed compromised, though they vow to comply with legal requirements for notification should the feared reality come to pass. The county’s resilience in the face of adversity stands as a reminder that these types of cyberattacks are becoming increasingly commonplace, targeting the information superhighways that cities like Fulton traverse so dependently, according to FOX 5 Atlanta. With services slowly coming back online, the full scope of the aftermath and the effectiveness of the international intervention remain to be seen.
-2.webp?w=160&h=400&fit=crop&crop=edges)