JACKSONVILLE BEACH, Fla. – The leader of a Russia-based cybergang that is claiming responsibility for the cyber attack on Jacksonville Beach’s information systems threatened to commit more cybercrimes.
RELATED: Cybercriminals are holding data from Jacksonville Beach for ransom
The leader of the cybergang LockBit, recorded that threat on the Record Future News “Click Here” podcast. He is known as Lock Supp, which stands for LockBit Support.
The ransomware gang listed the personal information of nearly 50,000 local Beaches Energy customers after Jacksonville Beach refused to pay a ransom in exchange for their social security numbers and bank information.
An international investigation to dismantle LockBit was said to be a success but failed to capture LockBit’s leader who’s now promising to commit more cybercrimes.
“The takedown isn’t an indication of a systematic problem with ransomware, it won’t have that kind of effect. If the FBI can’t scare me, my partners will respect me,” Lock Supp said.
The News4JAX I-TEAM learned that Lock Supp lives somewhere in Russia where the government doesn’t crack down on cybercrimes unless they’re targeting the Soviet Union.
He’s suspected to be in his 40s and responsible for extorting more than $120 million from governments, businesses and hospitals.
“And if you have a foreign national group that’s launching these attacks, you don’t have an easy way to arrest them,” Tyler Chancey of Scarlett Cybersecurity Services said. “If the FBI for example, discovered who it is, you can’t just go there and arrest him in another country. And these groups might get taken down, there might be an international effort to take down their website, all their servers, all their resources. But unfortunately, you can rebuild.”
Scarlett Cybersecurity specializes in incident prevention, detection and response. He said the good news for Jacksonville Beach residents is that ransomware attackers don’t necessarily see stolen personal information as their prize, instead their main focus is obtaining the ransom.
“From the threat actors, what they’re trying to do is extort a payment from Jacksonville Beach. They don’t necessarily care about your data directly. They use it as leverage for the city to try to get a payment. The extortion failed in that sense because they’re going to release this data to the World Wide Web,” Chancey said.
It’s unclear just how much ransom, LockBit demanded from Jacksonville Beach in exchange for the personal information return. Paying ransom to cybercriminals is illegal in Florida and North Carolina, and there is some conversation about a federal ban on paying ransom to cybercriminals.
If you are affected by the data breach, you will get a notice in the mail.