Assistant director of the FBI’s Cyber Division Bryan Vorndran (pictured) might have the key to unscramble your  files.

Spy Warez

What’s the craic? Sergiu Gatlan reports: FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out

“$1 billion in ransoms”
FBI Cyber Division Assistant Director Bryan Vorndran announced, … ”We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center.” … This call to action comes after law enforcement took down LockBit’s infrastructure … in an international operation dubbed “Operation Cronos.”
…
After analyzing the seized data, the UK’s National Crime Agency and the U.S. Justice Department estimate the gang and its affiliates have raked in up to $1 billion in ransoms following 7,000 attacks. … The U.S. State Department now offers $10 million for any information that would lead to LockBit leadership arrest or conviction and an extra $5 million reward for tips leading to the arrest of LockBit ransomware affiliates.

Is this useful? Maybe. Evan Schuman explains how: FBI offers to share 7,000 LockBit ransomware decryption keys with CISOs

“Russian-speaking countries”
The FBI … is encouraging corporate victims to come forward to see if the keys can unlock any of their data. … It is unknown how many of the keys are functional. But there is an excellent chance that many of the obtained keys are still effective and could unlock data from enterprise victims who chose to not pay the ransom or were given keys that … didn’t work.
…
Vorndran, in his speech, said that the FBI is still seeing ransomware groups in the same countries where they have historically been based: “Almost all of the criminals developing sophisticated malware to enable ransomware attacks are based in Russian-speaking countries and operate as organized crime syndicates.”

Horse’s mouth? Bryan Vorndran and his crack team of scriptwriters: Remarks at the 2024 Boston Conference on Cyber Security

“He is a criminal”
Given FBI’s history, it should not be surprising that one of our core focuses is … to disrupt cybercriminals and raise their cost to operate. … It’s an all-tools/all-partners approach.
…
LockBit was set up by a Russian coder named Dimitri Khoroshev … using online aliases like “Putinkrab,” “Nerowolfe,” and “LockBitsupp.” … He is a criminal: … LockBit scams run the way local thugs used to demand “protection money” from storefront businesses. … We will not go easy on him.

Did someone say “Russian-speaking”? This Anonymous Coward jumps to conclusions:

Russia seems happy to be seen as a criminal state. It’s a pity but Russia seems to be criminal from the lowest crooks stealing from the west to the Kremlin stealing from the country. Criminality seems to be an honoured national trait rather than one to be avoided.

OK, but how do we fix the underlying problem? Applehu Akbar suggests two related ideas:

Why didn’t the FBI simply publish the keys? Here’s nonrandomstring:

This is not the first time the FBI cracked a ransomware operation. … The real story is they got the keys.
…
In the past they’ve just published them [but] this is how you do law enforcement: Win hearts and minds with practical redress. Otherwise you’re just cutting heads of a hydra.

Or, alternatively, see Wickwick’s viewpoint:

Meanwhile, u/Fallingdamage imagines the scene:

“Hmm, I see that you need a key to unlock your data, but you didn’t report this breach to the FBI as the law required. Here’s a big fine. We’ll talk about that key later.”

And Finally:

A quality lesson by Professor Calman Cleasadair

Previously in And Finally

You have been reading SB  Blogwatch by Richi  Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to  @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.