top of page

Cyber gangs improvise their tactics to extract more ransom

Cyber criminals, especially the organized gangs indulging in these activities, are revising the ways they blackmail their victims as the ransomware payments are tapering down according to a new report.

The 25-page report Negotiating with LockBit: Uncovering the Evolution of Operations and Newly Established Rules by ransomware cyber crime researcher Anastasia Sentsova and published by cyber security firm Analyst1 in November 2023 said, “On 1 October 2023, one of the most sophisticated ransomware syndicates, LockBit 3.0, announced new rules of negotiations among the members of the group. These rules were aimed at securing larger ransom amounts and increasing the likelihood of payout.”

LockBit is a ransomware gang that is responsible for the recent attacks on Boeing and Industrial Commercial Bank of China among others. The gang has revised the way it tries to blackmail victims because of lower-than-expected ransom payments according to the report.

The Russia-linked group has claimed some of this year’s biggest cyber attacks, however, the syndicate’s financial haul has paled in comparison to some rival gangs according to Ms. Sentsova.

She said the group’s problem is that the group, now has more than 100 affiliates, many of whom are young and inexperienced in negotiations and this “has led to inconsistent and often low ransom amounts that decreased overall revenue and set an unfavourable tone for future negotiations.”

LockBit recruits hackers to conduct the ransomware attacks using its tools and infrastructure and gets a cut of any ransom extorted in the attacks.

A recent meeting between the gang’s main leaders culminated in new rules that went into effect from October 2023 laying out new tactics for hackers to follow when negotiating with the victims of their ransomware attacks.

The guidance details exactly how much to ask for in payouts, even as “the final decision on a ransom payment amount is still at the affiliate’s discretion, depending on their assessment of the damage inflicted on the victim.

The recommendations say that companies with revenue of as much as $100m pay 3% to 10% of their total sales, those with up to $1bn in revenue pay 0.5% to 5% and those with more than $1bn in sales pay 0.1% to 3%.



bottom of page