According to a report by Jon DiMaggio of Analyst1, the LockBit ransomware gang is struggling to consistently publish stolen data. This is a significant issue for the group, as they use the threat of publishing exfiltrated data to extort ransom payments from their victims. The report claims that the problem is due to limitations in LockBit’s backend infrastructure and available bandwidth. Although LockBit recently updated its infrastructure to address these deficiencies, the report suggests that this is merely a gimmick to cover up the fact that they cannot consistently host and publish large amounts of victim data as promised to their affiliate partners. As a result, LockBit’s reputation has been tarnished, and some of their top affiliates have left for other ransomware groups.
The inability to publish stolen data may impact companies’ willingness to pay a ransom. If there is a lower likelihood that their stolen data will be published, companies may be less inclined to meet the ransom demands. LockBit may need to address their infrastructure issue by considering alternative methods, such as offering stolen data via torrents.
Graham Cluley, a veteran of the cybersecurity industry, suggests that LockBit’s failure to consistently publish victims’ data could have significant implications. He highlights the importance of companies’ perception of the likelihood of their data being made public in their decision to pay a ransom. Cluley also provides additional information about his background and expertise in the cybersecurity field.
In conclusion, the LockBit ransomware gang is facing challenges in publishing stolen data consistently. This issue, along with other shortcomings, has resulted in a tarnished reputation and the departure of top affiliates. The ability to publish data is crucial for the group’s extortion tactics, and their failure to do so may impact companies’ willingness to pay ransoms. LockBit may need to explore alternative methods to address their infrastructure issue and regain their affiliates’ trust.
1. LockBit ransomware gang is struggling to consistently publish stolen data.
2. The issue is attributed to limitations in LockBit’s backend infrastructure and available bandwidth.
3. LockBit’s recent infrastructure update is seen as a cover-up rather than a solution.
4. The group’s reputation has suffered, leading to the departure of top affiliates.
5. Companies may be less likely to pay ransoms if they believe their stolen data will not be published.