Â鶹´«Ã½

Business

    • What is LockBit, the malicious software used against Indigo, SickKids?

    Share
    TORONTO -

    Indigo Books & Music Inc. revealed this week that a massive systems outage it's been dealing with for almost a month was triggered by ransomware.

    The retailer, which lost access to its website and payments capabilities, said the attack deployed LockBit, a malicious software increasingly cropping up in digital security breaches.

    What is LockBit?

    LockBit is both a cyberattack group and a malicious software used to carry out criminal attacks.

    LockBit, the group, operates as a ransomware-as-a-service business, where teams develop malware that is licensed to affiliate networks, which use it to carry out attacks, said Sumit Bhatia, the director of innovation and policy at the Rogers Cybersecure Catalyst at Toronto Metropolitan University.

    Security software company BlackBerry's website says LockBit malware infiltrates its targets' networks through unpatched vulnerabilities, insider access and zero-day exploits -- flaws in software discovered before the company which created it realizes the problem, giving them "zero days" to fix it.

    LockBit is then able to establish control of a victim's system, collect network information and steal or encrypt data, the site said.

    "LockBit attacks typically employ a double extortion tactic to encourage victims to pay, first, to regain access to their encrypted files and then to pay again to prevent their stolen data from being posted publicly," BlackBerry said.

    How prolific is LockBit?

    LockBit has made at least $100 million in ransom demands and extracted tens of millions of dollars in payments from victims, said a court document filed in the District of New Jersey in a 2022 case against a suspected LockBit member.

    LockBit emerged as early as January 2020 and members have since executed at least 1,000 LockBit attacks against victims in the U.S. and around the world, the document alleged.

    Who is behind LockBit?

    That's a tricky question, said Bhatia, because "these folks operate in such shadows."

    "But what we understand largely is that there's a deep connection to Russia and to former members of the Russian community, who may not necessarily be based out of Russia anymore, but could be operating from a series of different locations across Europe, and form a part of this large network that LockBit has launched," he added.

    That means LockBit members could be located anywhere in the world. In November, for example, the U.S. Department of Justice charged dual Russian and Canadian citizen Mikhail Vasiliev in connection with his alleged participation in a LockBit ransomware campaign.

    Was Indigo's cyberattack carried out by the LockBit gang or someone using LockBit software?

    Indigo has said its network was "accessed by (alleged) criminals who deployed ransomware software known as LockBit," but added it does not know specifically who is behind the attack.

    Where else has LockBit been involved?

    Toronto's Hospital for Sick Children experienced a ransomware attack in December that affected operations. LockBit claimed one of its partners carried out the attack, which the group eventually apologized for, saying attacks on hospitals violate its rules.

    LockBit's other victims include the U.K.'s Royal Mail, French technology group Thales and the Lisbon Port Authority in Portugal.

    What can companies do to avoid being a victim to a LockBit attack?

    LockBit relies primarily on phishing attacks, said Bhatia.

    Phishing generally starts with fraudulent emails or text messages meant to look like they've been sent by a trustworthy company. They often dupe people into entering confidential information such as passwords into a fraudulent website or downloading malware onto a computer with access to a company's network.

    "Ransomware, especially through phishing, does often come down to the human element," said Bhatia.

    That means the best way to stop it is to ensure that staff are cautious and understand how to review links and messages they get to avoid scams.

    "It's really understanding how to be on the lookout for something that is seen as suspicious," Bhatia said.

    Is it a good idea to pay attackers to access your system or decrypt data and files if you're attacked with ransomware?

    "From a law enforcement perspective, organizations are encouraged not to pay and that's ... because you're not really guaranteed, even after paying that you're not going to be affected adversely," Bhatia said.

    "You can't really rely on the commitments being made by these attackers."

    Authorities also discourage paying because it encourages criminals to continue their attacks and propagates a cycle, he said.

    However, he noted "small businesses don't always have the luxury of not paying or those that are working with critical sectors, where access to that data or access to those systems is critical and can have a severe adverse effect."

    Indigo has refused to pay its attackers, who the company said planned to post on the dark web the employee data it stole.

    "The privacy commissioners do not believe that paying a ransom protects those whose data has been stolen, as there is no way to guarantee the deletion/protection of the data once the ransom is paid," Indigo said on its website.

    "Additionally, we cannot be assured that any ransom payment would not end up in the hands of terrorists or others on sanctions lists."

    This report by The Canadian Press was first published March 3, 2023.

    CTVNews.ca Top Stories

    Canadian musician Jacob Hoggard has been found not guilty of sexually assaulting a young woman in northeastern Ontario eight years ago. The former Hedley frontman had pleaded not guilty to sexual assault.

    Police have arrested a Toronto woman in connection with three recent homicides and investigators say that they believe two of the victims may have been 'randomly targeted.'

    The body of a British Columbia mountain climber has been located and recovered after the 39-year-old man was reported missing during a solo climb on Washington state's Mount Baker earlier this week.

    A teen charged with the murder of another teen on Prince Edward Island last year has pleaded guilty to a lesser charge of manslaughter.

    Canada

    • Police have arrested a Toronto woman in connection with three recent homicides and investigators say that they believe two of the victims may have been 'randomly targeted.'

    • The body of a British Columbia mountain climber has been located and recovered after the 39-year-old man was reported missing during a solo climb on Washington state's Mount Baker earlier this week.

    • A Saskatchewan man living in the United States has pleaded guilty to possessing child pornography after he unknowingly provided disturbing videos to an FBI agent he thought was a pedophile.

    • Melissa Duff-Shore, a Cambridge, Ont. woman who killed her daughter in 2020, has been ordered to a forensic hospital in St. Thomas.

    • Canadian musician Jacob Hoggard has been found not guilty of sexually assaulting a young woman in northeastern Ontario eight years ago. The former Hedley frontman had pleaded not guilty to sexual assault.

    • A northeastern Ontario jury has started deliberating in Canadian musician Jacob Hoggard's sexual assault trial, we can now tell you what they weren't allowed to hear.

    World

    Politics

    Health

    Sci-Tech

    Entertainment

    Business

    Lifestyle

    • A five-seat sushi counter located inside another restaurant is the latest Vancouver eatery to receive a Michelin star.

    • What does New Westminster's tÉ™mÉ™sewÌ“txÊ· Aquatic and Community Centre have in common with a historic 68,000-seat stadium in Beijing, an NFL stadium and the aquatics venue for the Paris Olympics? They've all been named among the world's most beautiful sports venues for 2024.

    Sports

    Autos

    • A Pickering, Ont., student going to college to be a mechanic is shocked the engine in his two-year-old car will not be repaired under warranty after the dealership claimed he had been 'over-revving' the engine.

    • A group of classic car enthusiasts donated hundreds of blankets to nursing homes in Nova Scotia.

    Local Spotlight

    Chantal Kreviazuk is set to return to Winnipeg to mark a major milestone in her illustrious musical career.

    From the beaches of Cannes to the bustling streets of New York City, a new film by a trio of Manitoba directors has toured the international film festival circuit to much pomp and circumstance.

    A husband and wife have been on the road trip of a lifetime and have decided to stop in Saskatchewan for the winter.

    The grave of a previously unknown Canadian soldier has been identified as a man from Hayfield, Man. who fought in the First World War.

    A group of classic car enthusiasts donated hundreds of blankets to nursing homes in Nova Scotia.

    Moving into the second week of October, the eastern half of Canada can expect some brisker fall air to break down from the north

    What does New Westminster's təməsew̓txʷ Aquatic and Community Centre have in common with a historic 68,000-seat stadium in Beijing, an NFL stadium and the aquatics venue for the Paris Olympics? They've all been named among the world's most beautiful sports venues for 2024.

    The last living member of the legendary Vancouver Asahi baseball team, Kaye Kaminishi, died on Saturday, Sept. 28, surrounded by family. He was 102 years old.

    New data from Greater Vancouver and the Fraser Valley shows a surge in supply and drop in demand in the region's historically hot real estate market.

    • We haven't heard the candidates talk much about education during B.C.'s 2024 election campaign, but the teachers' union is trying to put the spotlight on that issue.

    • A dispute over the ownership of a Surrey condo that contributed to a falling-out between sisters has been addressed in B.C. Supreme Court.

    • Cyndi Fosco was born with severe myopia. When her vision deteriorated to only 5 per cent, she knew she needed help navigating. So three years ago, she was matched with her service dog Aaliyah.

    • Police have arrested a Toronto woman in connection with three recent homicides and investigators say that they believe two of the victims may have been 'randomly targeted.'

    • Canadian musician Jacob Hoggard has been found not guilty of sexually assaulting a young woman in northeastern Ontario eight years ago. The former Hedley frontman had pleaded not guilty to sexual assault.

    • Toronto Public Health has confirmed two cases of listeria in the city believed to be connected to ready-to-eat deli meat products sold by Summerhill Market.

    • Three Calgary businesses have been ordered to shut down after inspectors discovered evidence of uninspected meat.

    • A person was airlifted to hospital following a serious crash in Taber, Alta., on Friday morning. Taber RCMP responded to the scene on Highway 864 around 10:30 a.m., for a crash involving an SUV and a semi-truck.

    • Alberta Health Services (AHS) says it is taking immediate action to expedite care for patients who had referrals to community health-care providers delayed.

    • The owner of a Gatineau, Que. café says it's 'silly' that Quebec's language watchdog is telling the business to write its Instagram posts in French.

    • Gas prices in Ottawa are set to rise this weekend after a slight uptick overnight.

    • Canadian musician Jacob Hoggard has been found not guilty of sexually assaulting a young woman in northeastern Ontario eight years ago. The former Hedley frontman had pleaded not guilty to sexual assault.

    • At least two people are dead and others are injured after a fire ripped through a century-old building in Old Montreal early Friday morning, sources told Noovo Info.

    • The owner of a Gatineau, Que. café says it's 'silly' that Quebec's language watchdog is telling the business to write its Instagram posts in French.

    • A 28-year-old female driver was seriously injured in a three-vehicle collision Friday afternoon in Saint-Rémi, Montérégie, reports the Sûreté du Québec (SQ).

    • A letter from Edmonton's mayor to the Alberta government detailing the city's fiscal wishlist ahead of next year's budget calls for fair treatment for the capital city, something several city councillors say isn't already happening.

    • A new docu-series that reveals what life is like for National Hockey League players on and off the ice during the playoffs is now out.

    • A first-of-its-kind drone delivery system--at the Edmonton International Airport--is expanding.

    • A teen charged with the murder of another teen on Prince Edward Island last year has pleaded guilty to a lesser charge of manslaughter.

    • The federal Fisheries Department says it is concerned about a "pattern" of violence and threats toward its enforcement officers after two tense incidents off southwestern Nova Scotia last month.

    • Friday marked the grand opening of 22 new seniors' apartments built from the ground-up on Pitt Street in Sydney Mines, N.S.

    • A new report from Doctors Manitoba is calling for major changes to the way sick notes are issued in Manitoba, saying they are a waste of time for doctors and employers.

    • With winter right around the corner, thousands of feathered friends are flying south. New technology in Assiniboine Park is helping researchers around the world unlock the mysteries of this migration.

    • Manitoba RCMP arrested a man after he allegedly pulled over two women on the highway pretending to be an RCMP officer.

    • A Saskatchewan man living in the United States has pleaded guilty to possessing child pornography after he unknowingly provided disturbing videos to an FBI agent he thought was a pedophile.

    • A group of climate activists is challenging SaskPower's move towards natural gas, arguing it violates their Charter rights.

    • Regina kids facing mobility issues were gifted toy cars through the Go Baby Go program.

    • Police have laid charges after a car crashed into the side of a Kitchener home early Friday morning.

    • Melissa Duff-Shore, a Cambridge, Ont. woman who killed her daughter in 2020, has been ordered to a forensic hospital in St. Thomas.

    • A Guelph coach has scored touchdown after touchdown in her development of the football program at Bishop Macdonell Catholic High School.

    • The Saskatchewan Teachers' Federation hosted a virtual election forum on education Thursday evening, giving candidates in the provincial election a chance to share their thoughts and answer questions on issues teachers find most important.

    • A Saskatchewan man living in the United States has pleaded guilty to possessing child pornography after he unknowingly provided disturbing videos to an FBI agent he thought was a pedophile.

    • Saskatoon police arrested a homeless person at the scene of an encampment underneath the University Bridge on Friday morning.

    • Canadian musician Jacob Hoggard has been found not guilty of sexually assaulting a young woman in northeastern Ontario eight years ago. The former Hedley frontman had pleaded not guilty to sexual assault.

    • Two police officers in Greater Sudbury required medical attention for injuries they received arresting a man for the second time in just two days.

    • Police have arrested a Toronto woman in connection with three recent homicides and investigators say that they believe two of the victims may have been 'randomly targeted.'

    • The Ministry of Labour is investigating a workplace incident that claimed the lives of two people in Georgian Bluffs, south of Owen Sound.

    • Eleven victim impact statements were submitted into court during the proceedings.

    • Middlesex OPP have shuttered a road between Mount Brydges and Komoka today - Amiens Road is currently closed between Glendon Drive and Oriole Drive.

    • A woman whose son died last month while at a Penetanguishene, Ont. beach with another family member wants to see safety increased at the beach.

    • The Ministry of Labour is investigating a workplace incident that claimed the lives of two people in Georgian Bluffs, south of Owen Sound.

    • Provincial police are investigating a collision along Highway 400 in Tay Township Friday afternoon.

    • A London, Ont. man, who pleaded guilty earlier this year in a harassment case, has been sentenced to two months in jail for criminal harassment of a Windsor, Ont. family.

    • Hike Metal has added more security since a $20,000 ship propeller was stolen, while Crime Stoppers is still looking for tips on possible suspects

    • The City of Windsor is on the right path to adding much needed housing inventory to the stock, according to city officials.

    • We haven't heard the candidates talk much about education during B.C.'s 2024 election campaign, but the teachers' union is trying to put the spotlight on that issue.

    • The body of a British Columbia mountain climber has been located and recovered after the 39-year-old man was reported missing during a solo climb on Washington state's Mount Baker earlier this week.

    • Many British Columbians were shaken awake early Friday morning when an earthquake struck in the Strait of Georgia, about 18 kilometres southwest of Tsawwassen.

    • Three young suspects have been arrested in connection with a swarming attack on a teenager in B.C.'s Okanagan last week – and authorities have asked the public to stop circulating disturbing videos of the incident.

    • A father in Kelowna is furious after his 13-year-old daughter was brutally beaten on Gyro Beach. He is calling for criminal charges in the devastating attack, which was caught on video by multiple bystanders.

    • The officer who shot and killed a forcible confinement suspect in Kamloops two years ago was justified in doing so, according to the Independent Investigations Office of B.C.

    • A person was airlifted to hospital following a serious crash in Taber, Alta., on Friday morning. Taber RCMP responded to the scene on Highway 864 around 10:30 a.m., for a crash involving an SUV and a semi-truck.

    • To enhance inclusivity at Lethbridge Polytechnic, the institution has launched a new accessibility micro-credential.

    • WestJet has changed its operations at the Lethbridge Airport, and it means there's now only a single daily flight from Lethbridge to Calgary, down from three flights a day, as offered previously.

    • Two teens, ages 14 and 19, have been charged with arson in connection with a July 14 fire in Cat Lake First Nation that destroyed $500,000 in construction materials.

    • A northeastern Ontario jury has started deliberating in Canadian musician Jacob Hoggard's sexual assault trial, we can now tell you what they weren't allowed to hear.

    • A suspect who accused Thunder Bay police of being responsible for his throat injury actually hurt himself when he swallowed a large amount of drugs.

    N.L.

    Shopping Trends

    The Shopping Trends team is independent of the journalists at Â鶹´«Ã½. We may earn a commission when you use our links to shop. Read about us.

    Stay Connected
    Follow Â鶹´«Ã½