According to the LockBit operator, he was pushed onto the path of cybercrime by the lack of a job where his abilities would be appreciated.
The specialists of the information security company Cisco Talos managed to communicate with the operator of the ransomware LockBit software, which carried out all the malicious operations alone. The hacker spoke about his modus operandi (victims, tools, etc.) and what pushed him on the path of cybercrime. In addition, he spoke about the plight of a security researcher in his home country, which, according to Cisco Talos, is Russia.
In an interview, LockBit operator, who identified himself as Alex (according to Cisco Talos, he lives in Siberia and is in his early thirties), said that he is a self-taught researcher specializing in penetration testing, network security and intelligence.
While still a student, Alex got a job at an IT company, but was quickly disappointed, as he felt that "the Russian cyber industry did not properly appreciate" his abilities.
“His disappointment became evident when, during our conversations, he disparaged several prominent Russian cybersecurity companies. He also noted that “in the West, I could probably work white and make money easily ...” suggesting that it was the underestimation of his abilities and low wages that drove him to engage in unethical and criminal activities, ”according to the Cisco Talos report.
Alex even cited several examples of such "underestimation" - the refusal to accept his reports on security problems on several sites, including the Russian social network. His "good intentions were ignored," Alex said, which pushed him onto the path of cybercrime.
Finding vulnerabilities and participating in bug bounty programs Alex also considers disastrous, as companies are doing everything possible to avoid paying researchers. But Cisco Talos experts are sure that the young man is mistaken, since his statement does not at all correspond to the results of their observations. Most likely, he just listened to the untrue stories of other cybercriminals.
It is noteworthy that Alex's decision to become a ransomware operator was motivated not only by the desire for financial gain. Although cyber ransomware is indeed profitable, the young man also wanted to show companies what poor data security is fraught with.
As Alex noted, “Russia is the best country for cybercriminals,” and the best victims are companies in the US and Europe, which pay “faster and more” than companies in the post-Soviet space. The fact is that in the case of Western companies, the payments to the extortionists are covered by insurance. In addition, victims in Europe are afraid of their data being leaked due to the fines it faces under the General Data Protection Regulation (GDPR).
Cybercriminals often tend to justify their actions after the fact, even if there was no real moral ambiguity in the crime. “In this case, he (Alex - ed.) Was pushed onto the path of cybercrime by the lack of work that would meet his needs. Underestimation of ability, resentment and lack of economic incentive are often the reasons for pushing the path of cybercrime, and this story is a shining example, ”- concluded the experts.
The specialists of the information security company Cisco Talos managed to communicate with the operator of the ransomware LockBit software, which carried out all the malicious operations alone. The hacker spoke about his modus operandi (victims, tools, etc.) and what pushed him on the path of cybercrime. In addition, he spoke about the plight of a security researcher in his home country, which, according to Cisco Talos, is Russia.
In an interview, LockBit operator, who identified himself as Alex (according to Cisco Talos, he lives in Siberia and is in his early thirties), said that he is a self-taught researcher specializing in penetration testing, network security and intelligence.
While still a student, Alex got a job at an IT company, but was quickly disappointed, as he felt that "the Russian cyber industry did not properly appreciate" his abilities.
“His disappointment became evident when, during our conversations, he disparaged several prominent Russian cybersecurity companies. He also noted that “in the West, I could probably work white and make money easily ...” suggesting that it was the underestimation of his abilities and low wages that drove him to engage in unethical and criminal activities, ”according to the Cisco Talos report.
Alex even cited several examples of such "underestimation" - the refusal to accept his reports on security problems on several sites, including the Russian social network. His "good intentions were ignored," Alex said, which pushed him onto the path of cybercrime.
Finding vulnerabilities and participating in bug bounty programs Alex also considers disastrous, as companies are doing everything possible to avoid paying researchers. But Cisco Talos experts are sure that the young man is mistaken, since his statement does not at all correspond to the results of their observations. Most likely, he just listened to the untrue stories of other cybercriminals.
It is noteworthy that Alex's decision to become a ransomware operator was motivated not only by the desire for financial gain. Although cyber ransomware is indeed profitable, the young man also wanted to show companies what poor data security is fraught with.
As Alex noted, “Russia is the best country for cybercriminals,” and the best victims are companies in the US and Europe, which pay “faster and more” than companies in the post-Soviet space. The fact is that in the case of Western companies, the payments to the extortionists are covered by insurance. In addition, victims in Europe are afraid of their data being leaked due to the fines it faces under the General Data Protection Regulation (GDPR).
Cybercriminals often tend to justify their actions after the fact, even if there was no real moral ambiguity in the crime. “In this case, he (Alex - ed.) Was pushed onto the path of cybercrime by the lack of work that would meet his needs. Underestimation of ability, resentment and lack of economic incentive are often the reasons for pushing the path of cybercrime, and this story is a shining example, ”- concluded the experts.