www.insurancejournal.com
Open in
urlscan Pro
169.61.31.50
Public Scan
URL:
https://www.insurancejournal.com/news/international/2023/02/03/705897.htm
Submission: On February 06 via api from US — Scanned from DE
Submission: On February 06 via api from US — Scanned from DE
Form analysis 7 forms found in the DOM
GET /search/
<form action="/search/" method="get" class="clearfix">
<input type="hidden" value="news" name="section">
<label for="search-query-news" class="sr-only">Search News</label>
<input type="text" class="large" name="q" id="search-query-news" value="">
<input type="submit" value="Search">
</form>GET /search/
<form action="/search/" method="get" class="clearfix">
<input type="hidden" value="markets" name="section">
<label for="search-query-markets">Search Markets</label>
<input type="text" class="large" name="q" id="search-query-markets" value="">
<input type="submit" value="Search">
</form><form class="feedback-form">
<p>Thank you! Please tell us what we can do to improve this article.</p>
<textarea placeholder="Enter your feedback..."></textarea>
<button type="submit" class="submit" disabled="">Submit</button>
<button class="cancel">No Thanks</button>
</form><form class="feedback-form">
<p>Thank you! <span class="percent"></span>% of people found this article valuable. Please tell us what you liked about it.</p>
<textarea placeholder="Enter your feedback..."></textarea>
<button type="submit" class="submit" disabled="">Submit</button>
<button class="cancel">No Thanks</button>
</form>POST https://www.insurancejournal.com/subscribe/topics
<form action="https://www.insurancejournal.com/subscribe/topics" method="post">
<input type="hidden" name="subscriber_source" value="ij/single-footer">
<input type="hidden" name="topics[]" value="agencies">
<input type="hidden" name="brand" value="insurancejournal">
<input type="hidden" name="post_id" value="705897">
<input type="text" name="twitter" class="twitter-input">
<input type="email" name="email" placeholder="Enter your email..." required="required">
<button type="submit">Submit</button>
</form>POST https://www.insurancejournal.com/wp/wp-comments-post.php
<form action="https://www.insurancejournal.com/wp/wp-comments-post.php" method="post" id="commentform" style="display: none;">
<p class="comment-notes">Your email address will not be published. Required fields are marked <span class="required">*</span></p>
<p class="comment-form-author"><label for="author">Name</label> <span class="required">*</span><input id="author" name="author" type="text" value="" size="30" aria-required="true"></p>
<p class="comment-form-email"><label for="email">Email</label> <span class="required">*</span><input id="email" name="email" type="text" value="" size="30" aria-required="true"></p>
<p class="comment-form-comment"><label for="comment">Comment</label><textarea id="comment" name="comment" cols="45" rows="8" aria-required="true"></textarea></p>
<p class="form-submit">
<input name="submit" type="submit" id="submit" value="Post Comment">
<input type="hidden" name="comment_post_ID" value="705897" id="comment_post_ID">
<input type="hidden" name="comment_parent" id="comment_parent" value="0">
</p>
<p style="display: none;"><input type="hidden" id="akismet_comment_nonce" name="akismet_comment_nonce" value="4eab79f906"></p>
<p style="display: none !important;"><label>Δ<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_1" name="ak_js" value="1675670277248">
<script>
document.getElementById("ak_js_1").setAttribute("value", (new Date()).getTime());
</script>
</p>
<p><input type="checkbox" name="notify_me" id="notify_me" value="yes"><label for="notify_me">Notify me of comments via e-mail</label></p> <input type="hidden" name="redirect_to" value="/news/international/2023/02/03/705897.htm">
</form>GET /search/
<form action="/search/" method="get">
<input type="text" name="q" value=""> <input type="submit" value="Go">
</form>Text Content
Skip to content * MyNewMarkets.com * Claims Journal * Insurance Journal TV * Academy of Insurance * Carrier Management FEATURED STORIES * Tesla Competing With ‘GEICOs of the World’ * Conn. High Court Upholds Insurers’ COVID BI Appeals * News * Markets Search News Search Markets CURRENT MAGAZINE * Read Online * Subscribe * Front Page * National * International * Most Popular * Magazine * Forums * Blogs * Videos/Podcasts * Newsletters * News * Most Popular * National * International * East * Midwest * South Central * Southeast * West * Magazines * East * Midwest * South Central * Southeast * West * Subscribe * Research * Directories * Jobs * Features * Events * Forums * Insurance Twitter * Market Directories * Quotes * Polls * Rankings & Awards * Insurance Giving Back * Subscribe HACKERS OF ION TRADING ALSO HIT UK POSTAL SERVICE, CANADA HOSPITAL, U.S. LOCAL AGENCIES By Jeff Stone and Ryan Gallagher | February 3, 2023 Email This Subscribe to Newsletter Email to a friend Facebook Tweet LinkedIn Print Article * Article * 0 Comments The hacking group behind a cyberattack against the software firm ION Trading UK has recently conducted a series of breaches throughout the world, with its victims including the UK’s postal service and local government agencies in the US. The gang, known as LockBit, is a prolific ransomware operator, according to cybersecurity experts, specializing in using malicious software to encrypt files on a victims’ computer, then demanding payment to unlock the files. Earlier this week, it struck an ION system that paralyzed derivatives trading across markets for everything from commodities to bonds, forcing a number of European and US banks and brokers to process some trades manually. The group on Thursday threatened to publish “all available data” that it claimed to have stolen from ION on their website on the dark web unless the derivatives trading platform paid an unspecified ransom by February 4. U.S. CFTC Traders Report Delayed by Ransomware Attack on Data Firm ION UK regulators have started an investigation into the ION breach, which affected 42 of the company’s clients and forced a number of European and US banks and brokers to process some trades manually. The FBI is also seeking information on the attack and has reached out to ION executives, according to people familiar with the matter. LockBit’s malware was used in a ransomware attack against the UK’s Royal Mail in January, shuttering the service’s ability to send international letters and parcels and rendering some computers there inoperable. In December, an associate of the group hacked a Canadian children’s hospital, only for LockBit to apologize and send the victim a decryption key. The city of Mount Vernon, Ohio said its police department and other government agencies were affected by a LockBit ransomware attack. “There’s no doubt that we’re seeing an increase in activity and LockBit, which has claimed responsibility for the ION attack, is one of the most prolific threat actors,” said David Naylor, who heads the UK data privacy, cybersecurity and digital assets practice at law firm Squire Patton Boggs. He added, “Clearly, they tend to focus on organizations that they think are either vulnerable or operating high-value systems, where if they successfully attack them, there’s a meaningful prospect of securing a significant ransom – if the target is willing to pay.” LockBit has been active since at least January 2020 and has hacked as many as 1,000 victims globally, extorting at least $100 million in ransom demands, according to the US Justice Department. Last year, a Canadian-Russian man was arrested in Ontario for allegedly participating in a LockBit ransomware campaign. The group’s members are also active on Russian-language cybercriminal forums, according to cybersecurity experts. Like other hacking crews, LockBit functions under the ransomware-as-a-service model, in which members lease access to the malware to “affiliates” in exchange for a cut of any ransom payment that comes as a result of the breach. “They run it like a business, and that’s the best way to explain it,” said Jon DiMaggio, chief security strategist at the cyber firm Analyst1. “The founder of LockBit runs it as if he were Steve Jobs, which is successful for them but very bad news for the rest of us.” Researchers have also studied LockBit’s hacking tools, determining that the group regularly updates its malicious software in order to avoid detection from cybersecurity products. One strain of malware, dubbed LockBit Black, shows that the gang has experimented with a kind of self-spreading malware that would make it easier for hackers to infiltrate victim organizations without the technical expertise typically required to do so, Sophos Group Ltd. researchers wrote in a blog post. On Monday, they released a new strain of ransomware based on code taken from another Russian-speaking gang, Conti, which collapsed amid internal infighting last year, DiMaggio said. A spokesperson for LockBit declined to comment when reached by Bloomberg News. –With assistance from Isis Almeida and Katherine Doherty. Photograph: A person types at a backlit keyboard arranged in Danbury, U.K., on Thursday, Jan. 7, 2021. Photo credit: Chris Ratcliffe/Bloomberg Related: * ION Trading UK Indicates Cyber Attack Could Take 2-3 Days to Resolve Copyright 2023 Bloomberg. Topics USA Cyber Agencies Canada Was this article valuable? Yes No Thank you! Please tell us what we can do to improve this article. Submit No Thanks Thank you! % of people found this article valuable. Please tell us what you liked about it. Submit No Thanks Here are more articles you may enjoy. Gas Stoves Are Back Under Scrutiny With New Limits Proposed 25 Charged in Fake Nursing Diploma Scheme in South Florida S&P Predicts Reinsurers Will Continue Pricing Momentum During 2023 Slide Will Assume 91,000 Policies and Premium in United P&C Runoff in Florida WRITTEN BY RYAN GALLAGHER More From Author INTERESTED IN AGENCIES? Get automatic alerts for this topic. Submit Email This Subscribe to Newsletter Email to a friend Facebook Tweet LinkedIn Print Article * Categories: International & Reinsurance NewsTopics: cyber attacks, ransomware attacks, ransomware-as-a-service, Russian hackers * Have a hot lead? Email us at newsdesk@insurancejournal.com ADD A COMMENTSEE ALL COMMENTS (0)ADD A COMMENT CANCEL REPLY Your email address will not be published. Required fields are marked * Name * Email * Comment Δ Notify me of comments via e-mail More News FTC Is Preparing Potential Antitrust Case Against Amazon Tesla’s Elon Musk Found Not Liable in Trial Over 2018 ‘Funding Secured’ Tweets Florida Citizens’ Endorsement Now in Effect: Claims Disputes to be Heard by Admin Judges California Workers’ Comp Department’s Medical-Legal Evaluation Regulations OK’d More News Features READ THIS NEXT * Hackers of ION Trading Also Hit UK Postal Service, Canada Hospital, U.S. Local Agencies * Few Florida Carriers Filed for Arbitration in 2022, But It's Coming, Attorneys Say * New York Gov. Hochul Vetoes Wrongful Death Damages Bill * Cyber and Business Interruption Top 2023 Threats: Allianz Risk Barometer * Former California Insurance Agent Arrested for Allegedly Stealing $90K See Today's Top Insurance News INSURANCE JOBS * Field Auto Adjuster – Danbury, CT - Danbury, CT * Insurance Agency Bookkeeper – REMOTE - Birmingham, AL * Client Service Executive - New York, NY * Underwriter or Underwriter Assistant – Personal Lines – REMOTE - Sacramento, CA * Senior Claims Manager - * Navigating the Brewery Market * January Renewals See Hardest Property Catastrophe Reinsurance Rates in Generation * Insurance Pricing: True D&O Buyer’s Market; Stabilized Commercial Auto * What to Watch In Healthcare D&O, EPLI Post-COVID * Pickleball Explosion in Florida Creating New Hits and Misses for Insurers, Agents * Policyholders Counting on Calif. High Court for COVID Loss Claims * U.S. Military Members Suing 3M Seek Dismissal of Subsidiary's Bankruptcy * FedEx Loses Bid to Undo $366M Racial Bias Verdict, Files Appeal * Winter Storm Cancels Flights, Keeps Thousands Without Power * Judge: Defiant NJ Beach Town Can Sue for $21M in Dune Costs * February 2 Life's Unfair: The Mistakes that Lead to Bad Faith Claims * February 9 Technology-Enabled Insurance Commerce: Looking Back, Reaching Forward * February 16 Is THAT Covered on Your Farm Liability Form? * February 21 E&O Issues You Didn't See Coming: A Two-Part Series INSURANCE NEWS * News by Region * News by Topic * Yesterday SITE SEARCH FEATURES * Insurance Markets Directory * Forums * A.M. Best Company Ratings * Industry Events * Agencies For Sale * Newswire * Insurance Jobs * Rankings & Awards CONNECT WITH US * Email Newsletters * Magazine Subscriptions * For Your Website * RSS Feeds * Twitter * Facebook * LinkedIn * Do Not Sell My Info INSURANCE JOURNAL * Submit News * Advertise * Subscribe * Reprints * Link to Us * Contact Us WELLS MEDIA GROUP NETWORK * Insurance Journal * MyNewMarkets.com * Claims Journal * Insurance Journal TV * Academy of Insurance * Carrier Management © 2023 by Wells Media Group, Inc. Privacy Policy | Terms & Conditions | Site Map