U.S. and U.K. Disrupt LockBit Ransomware Variant, Indict 2 Russian Nationals

International Law Enforcement Effort Leads to Indictments and Seizures, Aiming to Thwart Cybercriminal Activities

NEWARK, N.J. – In a landmark collaboration, the United States and the United Kingdom, along with international law enforcement partners, have significantly disrupted the operations of the LockBit ransomware group. Recognized as one of the most prolific cybercriminal factions globally, LockBit has targeted over 2,000 victims worldwide, accumulating over $120 million in ransom payments. This concerted effort involved seizing critical infrastructure and indicting two Russian nationals for orchestrating a series of cyberattacks across the U.S. and beyond.

The operation, led by the U.K. National Crime Agency’s Cyber Division in cooperation with the U.S. Department of Justice, FBI, and other global partners, has effectively seized numerous websites and servers pivotal to LockBit's operations. This decisive action not only hampers the group's ability to initiate attacks but also offers a beacon of hope for victims, as authorities have managed to obtain decryption keys to unlock compromised systems.

Attorney General Merrick B. Garland emphasized the significance of this operation, highlighting the relentless pursuit of justice against cybercriminals. “For years, LockBit associates have deployed these kinds of attacks again and again across the United States and around the world. Today, U.S. and U.K. law enforcement are taking away the keys to their criminal operation,” Garland stated, underlining the commitment to dismantling ransomware operations and aiding victims.

Deputy Attorney General Lisa Monaco echoed these sentiments, underscoring the broader strategy to dismantle the ecosystem fueling cybercrime. “Today’s actions are another down payment on our pledge to continue dismantling the ecosystem fueling cybercrime by prioritizing disruptions and placing victims first,” Monaco remarked, highlighting the international resolve to combat cyber threats.

The Justice Department unveiled an indictment against Russian nationals Artur Sungatov and Ivan Kondratyev, accused of deploying LockBit ransomware against numerous targets in the U.S. and internationally. The charges, unsealed in the District of New Jersey, mark a significant step in the ongoing battle against cybercrime, demonstrating the international community's determination to hold cybercriminals accountable.

In a bid to aid victims, the National Crime Agency, alongside the FBI and international partners, has developed decryption capabilities that may enable the restoration of systems affected by LockBit ransomware. Victims are encouraged to reach out to the FBI to explore potential decryption solutions.

FBI Director Christopher A. Wray highlighted the operation's impact, stating, “Through years of innovative investigative work, the FBI and our partners have significantly degraded the capabilities of those hackers responsible for launching crippling ransomware attacks against critical infrastructure and other public and private organizations around the world.”

This operation underscores a unified stance against cybercrime, showcasing the determination of U.S. and international law enforcement to protect citizens and businesses from the scourge of ransomware. As the investigation continues, the commitment to identifying and charging all members of the LockBit group remains unwavering, signaling a relentless pursuit of justice in the digital age.

Victims of LockBit ransomware are urged to contact the FBI for assistance and further information on network protection against such cyber threats is available at StopRansomware.gov. This collaborative effort reflects a milestone in the fight against cybercrime, offering hope and a path forward for victims of ransomware attacks worldwide.