Almost Got Em!

When we talk about the possibility of a cybersecurity incident, do you ever wonder who are the criminal ransomware organizations responsible? We dug a bit deeper into one particular incident whom you may all be familiar with. The compromise within London Drugs.

On February 20, 2024, the UK’s National Crime Agency (NCA) announced that as part of an international effort it had infiltrated and compromised LockBit, one of the largest criminal ransomware organizations in the world. LockBit had become “fundamentally redundant.”, according to Graeme Biggar, the director of the NCA, boasting that “we have hacked the hackers.” Phew, right?

Despite all the rhetoric, on April 28, just over two months later, London Drugs, a major Western Canadian retailer with around 80 big box locations from BC to Manitoba, was forced to close for over a week due to an “operational issue” that was later revealed to be a ransomware attack carried out by none other than LockBit.

This begs the question, if LockBit was so thoroughly compromised, how could they pull off another major breach in such a short time, even while under such major scrutiny by the authorities – authorities who were even claiming to have recovered Personal Identifying Information during their own hack of LockBit’s environment?

LockBit first appeared in 2019, and was originally known by the name “.abcd” before changing to the current name soon after. In less than five years during which LockBit has been around it has racked up well over 3,000 publicly known victims, and it likely has many more we’ve never heard of.

Among its known victims stand major organizations like airplane manufacturer Boeing, the UK’s NHS and Royal Mail, and the Subway chain of fast food restaurants.

The secret to LockBit’s extraordinary reach is two fold. First, by all appearances it runs itself like any legitimate business, even running a bug bounty program for its software, and second, by adopting the as-a-Service model common in IT, and licensing the use of its ransomware to affiliates who then target their victims, rather than carrying out attacks on its own.

In exchange for using its ransomware, LockBit takes an estimated 20% of the ransom, leaving the affiliate who carried out the attack with the remaining 80%. (sweet deal if you can get it!)

The tradeoff for LockBit is that it does not have the same control over who is targeted by its ransomware that other criminal groups have, leading to a much larger variety in the number and types of targets that are chosen, and a higher chance that more sensitive or objectionable locations may fall victim.

In fact on December 31st, 2022, Lockbit issued an apology for the ransomware attack on Toronto’s Hospital for Sick Children, claiming an affiliate violated its rules.  This, however, hasn’t stopped LockBit or its affiliates from targeting other hospitals or health systems, and deaths have been attributed to ransomware attacks in the past. In spite of the unprecedented apology given by LockBit for the attack on a children’s hospital, it should be clear that no one is safe.

All of this leads to the simple question, if major fortune 500 companies are falling victim to these attacks, then what hope do small and medium sized businesses have of avoiding ransomware?  The answer to this question is surprisingly, quite a lot.

Very few successful attacks are carried out with complex hacks these days. Such techniques are time consuming, expensive, and they can be unreliable, as systems get patched and tricks that once worked no longer will.

A robust security infrastructure including Next-gen firewalls, SIEM, MFA, and EDR – among other elements, can help make an operating environment unattractive to threat actors.

However, even with this infrastructure in place, the weakest point for every organization remains the same – its users.  Most attacks come through vectors created directly by users. Whether it be weak passwords, reused passwords, users not locking their devices, allowing strangers access to sensitive areas, or clicking on strange links in emails.

The best way to combat these weaknesses is through Security Awareness Training. This training helps users to understand how they can be manipulated by bad actors, and how they can provide better security themselves.

Only a few months on, it already seems the NCA’s announcement of having taken down LockBit was premature.

At least one major attack has been attributed to it, and although on May 7, 2024 the US Department of Defense announced charges against Dmitry Khoroshev, the alleged leader of the group, he continues to live with impunity in Russia.

Criminal ransomware groups have proven extremely difficult to take down, and even if they can be stopped another one will be there to take over as soon as they are gone.

Ransomware is not going away any time soon, and only looks to get more sophisticated. This is why it is more important than ever that everyone make sure their environment is well defended from serious threat actors.

 

Picture of Author: Adam Macpherson

Author: Adam Macpherson

CS Controls Analyst

Fun Facts

with

Shing

88 percent of cybersecurity breaches are caused by human error.

Fun Facts

with

Shing

97 percent of organizations have seen an increase in cyber threats since the start of the Russia-Ukraine war in 2022.

Fun Facts

with

Shing

Using a single password, hackers infiltrated the Colonial Pipeline Company in 2021 with a ransomware attack that caused fuel shortages across the US.

Fun Facts

with

Shing

A 2021 LinkedIn data breach exposed the personal information of 700 million users or about 93 percent of all LinkedIn members.

Fun Facts

with

Shing

Over 560 million Ticketmaster customers had their information stolen in a 2024 breach.

Fun Facts

with

Shing

In 2023, security breaches saw a 72 percent increase from 2021, which held the previous all-time record.

Fun Facts

with

Shing

The average lifecycle of a breach is 292 days from identification to containment.

Fun Facts

with

Shing

The average time to identify a breach is 194 days.

Fun Facts

with

Shing

The average cost of a data breach was $4.88 million in 2024, the highest average on record.

Fun Facts

with

Shing

Average annual income for a Canadian Cyber Criminal top hacker is $10M per year.
Cyber Criminal Revenue in 2024 is estimated to have hit 9.2 Trillion USD worldwide.

Fun Facts

with

Shing

Criminal Gangs have started Cybersecurity Penetration Schools. Teaching penetration testing...then they convert them to the dark side.

Fun Facts

with

Shing

Crocodiles in Indonesia have learned to “wave” in water, simulating human child drowning. When a person goes to investigate, they become Croc Lunch.

Fun Facts

with

Shing

Grasshoppers, crickets, and locusts: Contain the highest protein content per unit of mass, around 61% on a dry basis

Fun Facts

with

Shing

Llama milk contains more protein than cow and goat milk. Sheep milk, however, has the highest protein.

Fun Facts

with

Shing

North America has a National UFO Reporting Center based out of WA, US.

Fun Facts

with

Shing

The very first Flat Earth International Conference was held in Edmonton, Alberta.

Fun Facts

with

Shing

Southern Alberta is tied with Southern Saskatchewan as the sunniest place in Canada, with over 2,375 hours of bright sunshine a year.

Fun Facts

with

Shing

The Guinness Book of World Records lists Commonwealth Bay, Antarctica as the windiest place on the planet. Katabatic winds are recorded at over 150 mph on a regular basis

Fun Facts

with

Shing

Lethbridge is the 2nd windiest City in Canada. The winner is Saint Johns, NFL. Calgary is the biggest large Wind City.

Fun Facts

with

Shing

90% of all Canadians live within 160 km of the US border.

Fun Facts

with

Shing

Canada is the home to 10% of the world’s forests.

Fun Facts

with

Shing

Canada has more lakes than the rest of the world combined.

Fun Facts

with

Shing

Alberta has the highest concentration of US Citizens living in Canada.

Fun Facts

with

Shing

33% of Calgarians are foreign-born.

Fun Facts

with

Shing

Calgary has the 2nd highest concentration of head offices across Canada. The first one is Toronto.

Fun Facts

with

Shing

Calgary has the highest GDP of any other city in Canada. (stats as of 2022)

Fun Facts

with

Shing

The majority of Canadian hockey players shoot left. Whereas the majority of US hockey players shoot right.

Fun Facts

with

Shing

Canada’s most played sport? GOLF! Followed by Hockey.

Fun Facts

with

Shing

Canada has the most left-handed golfers in the world (due to hockey).

Fun Facts

with

Shing

We call our Canadian Geese a different name - Cobra Chickens!

Fun Facts

with

Shing

Gravitational time dilation is a scientific theory that Gravity is produced due to time difference based on height.

Fun Facts

with

Shing

The Edmonton Oilers have won the Stanley Cup 5 times, last one being 1990.

Fun Facts

with

Shing

Heinz scientists have figured out that the optimal flow of ketchup is roughly 0.045 km per hour.

Fun Facts

with

Shing

Canada has a National Maple Syrup Reserve.

Fun Facts

with

Shing

Canada has a National Butter Reserve.

Fun Facts

with

Shing

Tim Berners-Lee invented the World Wide Web in 1990.

Fun Facts

with

Shing

A large part of northern Canada has lower gravity than the rest of the planet.

Fun Facts

with

Shing

There’s one bear for every two people in the Yukon.

Fun Facts

with

Shing

The first thanksgiving was celebrated in Newfoundland on May 27, 1578. The meal consisted of salted beef, biscuits, and peas.

Fun Facts

with

Shing

The coldest temperature ever recorded in North America was -63c in Snag, a small village in the Yukon.

Fun Facts

with

Shing

A Canadian robot named Dextre does repairs to the international space station.

Fun Facts

with

Shing

It’s legal to have a kangaroo as a pet in Alberta.

Fun Facts

with

Shing

Saskatchewan is the world’s largest exporter of mustard. The US eats most of it.

Fun Facts

with

Shing

At the end of WW2 Canada had the third largest navy in the world and 4th largest air force.

Fun Facts

with

Shing

Yonge Street is the longest street in the world and touches the Great Lakes and Cooks Bay.

Fun Facts

with

Shing

Mount Logan is the highest mountain in Canada.

Fun Facts

with

Shing

Sweden has the most islands in the world – over 220,000!

Fun Facts

with

Shing

The whopee cushion was invented in Canada.

Fun Facts

with

Shing

Little Lake Manitou, Saskatchewan is 5 times saltier than the ocean.

Fun Facts

with

Shing

The oldest known rock, discovered in Hudson Bay, is 4 billion years old.

Fun Facts

with

Shing

Canada has more doughnut shops per person than any other country.

Fun Facts

with

Shing

Alberta is the hail capital of the world.

Fun Facts

with

Shing

It would take 33 years to walk the coastline.

Fun Facts

with

Shing

Until 1995, it was illegal for margarine to be yellow.

Fun Facts

with

Shing

Quebec produces more than 70% of the world’s supply of maple syrup.

Fun Facts

with

Shing

Winnipeg consumes the most slurpees in the world.

under maintenance

The CLIENT PORTAL is currently undergoing maintenance.

For service, please email service@shingdigital.com or call 1-866-238-4941.