top of page

LockBit ransomware on Mac: Should we worry?


Posted: April 18, 2023 by Jovi Umawing

One of the big headlines over the weekend is LockBit, the high-profile Russian ransomware gang, decided to expand its portfolio of potential victims by creating and releasing its first macOS payload, potentially triggering members of the Apple community to panic. But have no fear: Apple security experts have dissected the payload, taking a deep dive into what it can and cannot do, and concluded that the ransomware is, actually, toothless. "Yes, it can indeed run on Apple Silicon. That is basically the extent of its impact," says Patrick Wardle (@patrickwardle), known macOS cybersecurity expert and founder of the non-profit, Objective-See. "macOS users have nothing to worry about."


How to avoid ransomware

  • Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; disable or harden remote access like RDP and VPNs; use endpoint security software that can detect exploits and malware used to deliver ransomware.

  • Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.

  • Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.

  • Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.

  • Don’t get attacked twice. Once you've isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.

Managed Malwarebytes from Kettering Computer Solutions removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Contact KCS Now!

6 views0 comments

コメント


bottom of page