LockBit criminals tightens ransom demands

Ransomware group Lockbit has modified its organizational strategy on negotiations in a bid to increase its illicit revenue, BNN Bloomberg reports. According to a report from cyber threat intelligence firm Analyst1, the gang's leadership has expressed disappointment in its ransom payouts being lower than those of rival ransomware groups. This was attributed to the organization's rapid expansion and addition of "young and inexperienced" affiliates, the report stated. In response, new rules were established detailing negotiation tactics that affiliates are required to adhere to, such as demanding 3% to 10% of total sales from victims with revenue of up to $100 million, 0.5% to 5% for firms with up to $1 billion in sales, and 0.1% to 3% for firms with revenue exceeding $1 billion. However, "the final decision on a ransom payment amount is still at the affiliates discretion, depending on their assessment of the damage inflicted on the victim," said the report. LockBit was responsible for several of the largest ransomware incidents of 2023, including attacks on Boeing Co., Industrial Commercial Bank of China, and the Royal Mail of the United Kingdom.