Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog Data Security

Threat Update 51 – LockBit and Insider Threats for Hire

Organizations face threats from all sides – both external attackers trying to get in, and internal “trusted” employees going rogue. It was only a matter of time before these two...
Kilian Englert
1 min read
Last updated October 21, 2021

Contents

    Organizations face threats from all sides – both external attackers trying to get in, and internal “trusted” employees going rogue.

    It was only a matter of time before these two forces combined. The attackers and associates behind the LockBit 2.0 ransomware are skipping the old tried-and-true infiltration vectors like phishing emails, and simply offering cash for disgruntled insiders to provide credentials that will let attackers in through VPN, RDP, or to corporate email addresses.

    Join Kilian and Kyle Roth from the Varonis Incident Response team as they break down some of the details on how LockBit works, provide suggestions on how to spot signs of rogue behavior, and ways organizations can reduce the “blast radius” of a compromised account. 

    Articles and links referenced in this episode:

    LockBit ransomware recruiting insiders to breach corporate networks

    👉To learn how we can help, please visit us at: https://www.varonis.com/help/

    💻Join us virtually for an upcoming webinar to see a full attack lab: https://www.varonis.com/webinars/threat-detection-response/

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
    Kilian Englert
    Kilian Englert Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    threat-update-18-–-sanctions-for-ransomware-payments
    Threat Update 18 – Sanctions for Ransomware Payments
    threat-update-18-–-sanctions-for-ransomware-payments
    Kilian Englert
    December 24, 2020
    Would you consider coughing up the bitcoins if you got hit with ransomware? Better think again, you could potentially end up in more trouble! Click to watch Kilian Englert and...
    threat-update-#14---post-ransomware-recovery
    Threat Update #14 - Post-Ransomware Recovery
    threat-update-#14---post-ransomware-recovery
    Kilian Englert
    November 20, 2020
    To stop ransomware, every second counts. But once the threat is contained, the race is on to get back up and running after a ransomware incident. Click to watch Kilian Englert...
    threat-update-#10
    Threat Update #10
    threat-update-#10
    Kilian Englert
    October 22, 2020
    An alert notifies you that something suspicious is going on. Minutes matter, so you call the Varonis Incident Response team to help. Security investigators must act fast, but where do...
    threat-update-28-–-re-ryuk’ed-&-exchange-zero-day
    Threat Update 28 – Re-Ryuk’ed & Exchange Zero-Day
    threat-update-28-–-re-ryuk’ed-&-exchange-zero-day
    Kilian Englert
    March 4, 2021
    Is it too soon for a 2020 throwback? The Ryuk ransomware gang certainly doesn’t think so! It looks like one of the premiere ransomware-as-a-service groups was not content to rest on their laurels, and it appears they’ve added self-spreading capabilities.