The Financial Services Information Sharing and Analysis Center released a white paper on LockBit, one of the most prolific ransomware groups since 2019.

Background: LockBit runs a Ransomware-as-a-Service operation, which allows its “affiliates,” or customers, to deploy ransomware attacks using the LockBit product. LockBit and its affiliates are known to employ double extortion tactics, exfiltrating data before performing encryption to encourage ransom payment.

White Paper: The FS-ISAC white paper spotlights how LockBit gains access to victim networks, its encryption and exfiltration methods, and financial institution mitigation techniques.

ICBA Security Resources: Additional community bank security resources are available to ICBA members on ICBA’s Cyber and Data Security resource center.