Search
Close this search box.

LockBit Threat Report – A Gridware Technical Paper

Share:

We are pleased to bring readers our latest detailed technical paper. This report results from the work of Gridware’s Incident Response Team on a particularly challenging and interesting case. 

Gridware’s Incident Response team was notified that a victim organisation was compromised with LockBit ransomware.

Ransom notes were left demanding payment in exchange for the decryption keys.

Gridware was engaged to carry out containment activities and conduct an investigation of the incident to assess both a) the original point of entry into the network and b) the potential for data exfiltration to have occurred.

Because the threat actor deleted all of the backups, the victim chose to pay the ransom to acquire all three decryption keys in order to recover critical data from compromised systems.

While Gridware would not recommend that the ransom is paid, in this case, the data that was lost was critical to ensuring that the victim could continue to operate and minimise the business impact.

We outline our work on this particular in detail in this technical paper – you can download it below.

Bethany Cooper

Bethany Cooper is an Incident Response Manager at Gridware Cybersecurity with a passion for cybersecurity. While still at university, she started working in Gridware’s incident response team and was dedicated to battling evil in cyberspace. After completing the SANS FOR508 course and attaining her GCFA certification, her recent research has focused on the motivations and techniques of Advanced Persistent Threat (APT) groups and malware reverse engineering.

Contact

Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.
Company

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →

Services

Services

Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl
360

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution

Solutions
Resources

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →