Report
LockBit Targeting Ransomware & Digital Extortion
Read ZeroFox Intelligence’s LockBit Targeting Report for a full overview of LockBit activity in the past 7 quarters, including:
- A profile of the LockBit ransomware strain and types of victims targeted
- Analysis of the attack vectors used to deploy LockBit, including vulnerability exploitation and phishing
- A region-by-region breakdown of how LockBit is used globally in ransomware and digital extortion (R&DE) attacks
- A vertical breakdown of industries most affected by LockBit
- ZeroFox Intelligence’s assessment of LockBit’s future evolution and recommendations to improve protection
ZeroFox Intelligence assesses the proficiency of LockBit, a ransomware strain used by threat actors to infect and extort victims. The strain, identified as early as September 2019, is run as a ransomware-as-a-service (RaaS) offering with a subscription-based business model involving the selling or leasing of malicious code to multiple, fee-paying affiliates on dark web forums. Between January 2022 and September 2023, LockBit has been the primary digital extortion threat to all regions, and almost all industries, globally. It has been the most frequently deployed R&DE strain since January 2022.