LockBit Hackers Nabbed in Multinational Investigation; Japan’s Police Agency Develops Data Recovery Technology
15:58 JST, February 21, 2024
Key members of the international hacker group LockBit were arrested following investigations by law enforcement authorities in 10 countries, including Japan, the United States and European nations, authorities said Tuesday.
More than 200 cryptocurrency accounts and 34 servers related to the ransomware group were frozen or taken down, according to the announcement.
In the course of the investigation, Japan’s National Police Agency developed the world’s first method to restore data that had been rendered unusable by a Lockbit attack, which could help reduce future damage.
A series of LockBit attacks have caused harm in Japan, including the October 2021 system shutdown at Tsurugi municipal Handa Hospital in Tsurugi, Tokushima Prefecture, and the July 2023 shutdown of the container management system at Nagoya Port.
Named “Operation Cronos,” the joint investigation was carried out by the European Union Agency for Law Enforcement Cooperation (Europol) and police agencies from countries such as Japan, the United States, the United Kingdom, France and Australia.
According to the NPA and other sources, two LockBit members were arrested in Poland and Ukraine at the request of French authorities, while the U.S. and French authorities opened investigations into five cases and obtained arrest warrants for three cases.
LockBit became active around 2019. It broke into the systems of companies and other organizations, encrypted data, and then demanded payment for restoring the data while threatening to disclose the information. The group is believed to have several hundred members, most of them from the former Soviet bloc. More than 100 cases of related damage have been reported in Japan since 2021.
Europol claims that the group had caused billions of euros worth of damage. According to U.S. authorities, among the people charged for related crimes in the United States is a Russian national who was involved in attacks against targets in Japan and the United States, among other countries.
According to Yu Arai, a security expert at NTT Data Group Corp., LockBit is believed to have been involved in approximately 970 cases, or about 20% of the about 4,500 cases of damage caused worldwide by ransomware attacks last year.
The National Police Agency developed technology to restore data encrypted by LockBit, and several companies and other entities in Japan are said to have succeeded in recovering data.
"Society" POPULAR ARTICLE
-
JICA Employee Suspected of Leaking Info on ODA Project in Manila; Bidding for Railway Renovation May Have Been Impacted
-
‘Doraemon’ Voice Actress Nobuyo Oyama Dies at 90; Also Voiced Katsuo in Anime ‘Sazae-san’ (UPDATE 1)
-
Typhoon Kong-rey to Reach South of Japan’s Okinawa on Thursday; JWA Urges High Alert for Strong Winds, Heavy Rain
-
Japan’s Nihon Hidankyo Wins Nobel Peace Prize; Hibakusha Group Campaigns against Nuclear Weapons (UPDATE 3)
-
Typhoon Trami Forms East of Philippines, Moving Westward
JN ACCESS RANKING
- Asukayama Monorail in Tokyo: Free to Ride!
- Japan Trying to Draw Digital Nomads, Who Are Seen as Beneficial to Economy, Society
- JICA Employee Suspected of Leaking Info on ODA Project in Manila; Bidding for Railway Renovation May Have Been Impacted
- G20 Sees Soft Landing for Global Economy; Leaders Pledge to Resist Protectionism as Trump Calls for Imported Goods Flat Tariff
- Japanese Automakers Team Up on Software Development; Aim to Compete with U.S., China in SDV Market