June 25, 2024

The most probably means the FBI will affiliate particular keys with particular victims — assuming that exact sufferer contacts the authorities — is that “the FBI will generate a script that can run all 7,000-plus keys” towards the sufferer’s still-locked information, Levine mentioned. There’s additionally a chance that LockBit was reusing keys, he mentioned.

A motive to name the FBI

The most important good thing about the FBI announcement, Levine mentioned, is that it offers CISOs a concrete motive to contact the FBI. An issue that many enterprises have when they’re hit with any sort of cyberattack is that they don’t have a present direct FBI contact — together with cellular quantity. Critically, legislation enforcement contacts have to be established for each geographic the place the enterprise has servers. In an emergency, the very last thing an enterprise needs to do is begin reaching out to a federal switchboard.

“That is simply one other nice instance of how legislation enforcement can add actual worth in responding to an incident,” Levine mentioned. “However it’s crucial that organizations develop a private relationship with an current FBI cyber agent previous to the incident. In any other case, organizations could also be spending numerous time tapping their toes to mild jazz throughout an infinite maintain.”