The almost certainly manner the FBI will affiliate particular keys with particular victims — assuming that specific sufferer contacts the authorities — is that “the FBI will generate a script that can run all 7,000-plus keys” in opposition to the sufferer’s still-locked information, Levine stated. There’s additionally a chance that LockBit was reusing keys, he stated.
A motive to name the FBI
The most important good thing about the FBI announcement, Levine stated, is that it offers CISOs a concrete motive to contact the FBI. An issue that many enterprises have when they’re hit with any type of cyberattack is that they don’t have a present direct FBI contact — together with cell quantity. Critically, legislation enforcement contacts have to be established for each geographic the place the enterprise has servers. In an emergency, the very last thing an enterprise needs to do is begin reaching out to a federal switchboard.
“That is simply one other nice instance of how legislation enforcement can add actual worth in responding to an incident,” Levine stated. “But it surely’s crucial that organizations develop a private relationship with an current FBI cyber agent previous to the incident. In any other case, organizations could also be spending a whole lot of time tapping their toes to mild jazz throughout an countless maintain.”
