'Operation Cronos' seizes major cybercrime group – and other cybersecurity news to know this month

International law enforcement agencies combined efforts to take down LockBit, a major ransomware organization. On 19 February, the UK's National Crime Agency (NCA), working with the FBI and other national police forces, seized control of the LockBit extortion website.

A message posted on the LockBit website read: "This site is now under the control of the National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force, Operation Cronos."

Meanwhile, victims of ransomware attacks paid $1.1 billion to cybercriminals in 2023. The record-breaking payments were reported by the UK's Guardian newspaper, citing research from security specialists, Chainalysis.

The company described 2023 as a year that "marks a major comeback for ransomware". The record pay-outs by victims of such attacks reversed a large fall in financial losses seen in 2022.

The company says major institutions including the BBC and British Airways were hit by ransomware attacks. Hospitals and schools in the United States were among the targets. The research suggests cybercriminals are increasingly targeting large organizations with the aim of extorting higher sums of money. In 2023, a greater share of ransom payments topped $1 million or more.

To mount a ransomware attack, criminals hack into IT systems and plant software which locks out legitimate users and encrypts vital data. They then demand a ransom, often to be paid in cryptocurrency, to unlock access and restore data.

To better understand the cybercriminal ecosystem, visit the Forum's Cybercrime Atlas and Partnership Against Cybercrime initiatives.

Major tech companies including Amazon, Google, Microsoft and Meta have signed an accord aimed at protecting elections from AI-driven misinformation and deception.

According to a report from the BBC, 20 firms have committed to deploy technology to weed out AI-generated content designed to deceive voters. The Tech Accord to Combat Deceptive Use of AI in 2024 Elections was announced at the Munich Security Conference. “Democracy rests on safe and secure elections,” said Kent Walker, President of Global Affairs at Google, adding “today's accord reflects an industry-wide commitment against AI-generated election misinformation that erodes trust."

There is mounting concern that deepfake video and audio content that misrepresents politicians could pose a serious threat to free and fair elections. In a blog post about the accord signed in Munich, Microsoft explained how tech companies can act to defend democracy.

For more, watch a session from the World Economic Forum's Annual Meeting 2024 in Davos, Switzerland, on Protecting Democracy from Bots and Plots.

More than 100 hospitals and healthcare facilities in Romania have been taken offline by a major ransomware attack. The Romanian National Cyber Security Directorate said 25 hospitals had been compromised and dozens more shut down their IT networks as a precaution. The Directorate urged health facility managers against paying ransom demands.

In the US, a top cybersecurity official has warned that hospitals and schools are increasingly being targeted by cybercriminals. Institutions such as these are "some of the weakest in terms of cybersecurity," Ann Neuberger, the US Deputy National Security Adviser for Cyber and Emerging Technology, told CBS News.

North Korea is under investigation by the United Nations after a series of cyberattacks aimed at boosting Pyongyang's nuclear weapons programme. A Reuters report quoted UN investigators, saying: "The panel is investigating 58 suspected DPRK cyberattacks on cryptocurrency-related companies between 2017 and 2023, valued at approximately $3 billion, which reportedly help fund DPRK's WMD development."

A total of 35 countries have signed a declaration calling for stronger action to control the use and spread of spyware. A Reuters report says the agreement recognizes the growing threat that spyware poses to national security and human rights. Spyware tools can be used by hackers who carry out cybercrime campaigns on behalf of commercial clients.

A hacker group called Anonymous Sudan has claimed to be behind an attack on Cambridge University that locked students and faculty out of IT systems. Varsity, the independent newspaper for the university, described the incident as a Distributed Denial of Service (DDoS) attack, while TechRadar reported that Manchester University had also been targeted by the group.

The blurring of lines between cybercrime and violent organized crime is threatening people in South-East Asia. In August 2023, the UN reported at least 220,000 people had been trafficked and forced to operate in online scams.

The year 2024 is shaping up to be a defining year for cybersecurity, as AI brings a range of security benefits - but also adds a depth of risk never seen before. The Forum's Global Security Outlook is a comprehensive download on issues ranging from cyber resilience to skills shortages in the global security sector.

The 'internet of things' is another advanced technology that is helping to create sustainable solutions, such as wearable health trackers for 21st-century consumers. The World Economic Forum has teamed up with leading players in the sector to produce a policy framework for protecting consumers from security risks.