Is it possible that ransomware gangs actually have a heart?
Last month, Illinois school districts report We work closely with cybersecurity insurers to determine the extent of damage suffered from ransomware attacks.
Olympia Community Unit School District 16, the largest school district in Illinois covering approximately 377 square miles, was hit by a ransomware attack on Sunday, February 26, 2023 after being targeted by affiliates of the infamous LockBit ransomware group. It turns out that I received
Before long, a LockBit leak site on the dark web began counting down until April 12th and said it would release all stolen data unless a ransom was paid.
LockBit, like many other ransomware operations, effectively offers a Ransomware as a Service (RaaS) business. Affiliates can deploy ransomware and use its infrastructure in conducting extortion attacks against companies and organizations.
In effect, RaaS operations like LockBit give the ability to launch ransomware attacks into the hands of those who are authorized to become affiliates. So digital extortion isn’t just the domain of tech-savvy geeks who have no qualms about breaking the law. Anyone can launch a ransomware attack.
But that’s not to say criminal groups like LockBit don’t have specific standards for “partners.”
In this case, the affiliate that launched the ransomware attack against Olympia Community Unit School District 16 (or Olympia CUSD16 for short) does not appear to be among LockBit’s good books. Because the group has expressed remorse for hacking into servers used by innocent school children. .
LockBit admins updated the leak site to apologize to the school district, offer free decryption keys, and claim that responsible affiliates are barred from using the ransomware in the future.
“Please forgive me for allowing attacks on innocent little children. The stolen data has been deleted. To get the decryption tool, please provide the decryption ID. I am very embarrassed.” , I can’t control all partners, anyone can join my affiliate program, I have blocked this partner as well as breaking the rules.”
Ransomware gangs have been profiting from the misfortunes and hardships of others for years, so I don’t think empathy or human civility is common among ransomware gangs. But at least this time around, I’m glad LockBit seems to have reconsidered and made things easier for the district, its staff, and its students.