The Cybersecurity and Infrastructure Security Agency and other agencies released a joint cybersecurity advisory on detection methods associated with LockBit 3.0 ransomware affecting Citrix systems.

Details: LockBit 3.0 affiliates have conducted attacks against organizations of varying sizes across multiple critical infrastructure sectors, including financial services. The latest advisory includes indicators of compromise and techniques shared by Boeing, which has observed affiliates exploiting the vulnerability.

Background: The Financial Services Information Sharing and Analysis Center recently released a white paper on LockBit, one of the most prolific ransomware groups since 2019. LockBit runs a Ransomware-as-a-Service operation, which allows its “affiliates,” or customers, to deploy ransomware attacks using the LockBit product.

ICBA Security Resources: Additional community bank security resources are available to ICBA members on ICBA’s Cyber and Data Security resource center.