18 October, 2024
US sanctions LockBit members after ransomware takedown
The U.S. government has sanctioned two key members of LockBit, the Russian-speaking hacking and extortion gang accused of launching ransomware attacks against victims across the U.S. and internationally.
In a post on Tuesday, the U.S. Treasury confirmed it is sanctioning two Russian nationals, Artur Sungatov and Ivan Gennadievich Kondratiev.
Sungatov and Kondratiev were separately indicted by U.S. prosecutors on Tuesday for their alleged involvement with LockBit.
Kondratiev is also accused of involvement with REvil, RansomEXX and Avaddon ransomware gangs.
“The United States will not tolerate attempts to extort and steal from our citizens and institutions,” said U.S. Deputy Secretary of the Treasury Wally Adeyemo in a statement. “We will continue our whole-of-government approach to defend against malicious cyber activities, and will use all available tools to hold the actors that enable these threats accountable.”
The newly imposed sanctions mean it is now illegal for U.S. businesses or individuals to pay or otherwise transact with those named by sanctions, a tactic typically used to discourage American victims from paying a hacker’s ransom.
Sanctioning the individuals behind cyberattacks makes it more difficult for the individual hackers to profit from ransomware, rather than targeting groups that can rebrand or change names to skirt sanctions.
Those who are caught violating U.S. sanctions law, such as companies paying a sanctioned hacker, can lead to hefty fines and criminal prosecution.
The sanctions dropped hours after U.S. and U.K. authorities announced a global law enforcement operation aimed at disrupting LockBit’s infrastructure and operations. The authorities announced the seizure of LockBit’s infrastructure on the gang’s own dark web leak site, which the group previously used to publish victims’ stolen data unless a ransom was paid.
U.S. prosecutors accuse LockBit’s operators of using ransomware in more than 2,000 cyberattacks against victims in the U.S. and worldwide, making some $120 million in ransom payments since it was founded in 2019.
LockBit has taken credit for hundreds of hacks over the years, including California’s Department of Finance, the U.K. postal service Royal Mail and U.S. dental insurance giant MCNA, affecting millions of individuals’ personal information.
The U.S. sanctions announced Tuesday are the latest round of actions targeting the hackers behind LockBit and other prolific ransomware gangs.
In 2022, Russian-Canadian dual national Mikhail Vasiliev was arrested on allegations of launching multiple LockBit ransomware attacks. A year later, U.S. authorities arrested Ruslan Magomedovich Astamirov under similar allegations. Both suspects remain in custody awaiting trial.
A third suspect, Russian national Mikhail Pavlovich Matveev, was accused of involvement in several ransomware operations, including LockBit. Matveev, who remains at large, was subject to U.S. sanctions in 2023, preventing U.S. victims from paying a ransom to him or his associated ransomware gangs, including Hive and Babuk. The U.S. government also has a $10 million reward for information leading to Matveev’s arrest.
In its announcement Tuesday, the U.S. government did not yet name the suspected LockBit ringleader, who goes by the moniker LockBitSupp. The now-seized LockBit dark web leak site says law enforcement plans to release more information on the alleged leader on Friday, including details of a $10 million bounty for information leading to their location or identification.
Besides sanctions, the U.S. does not ban or otherwise restrict victims from paying a ransom, though the FBI has long advised victims against paying off hackers for fear of perpetuating future cyberattacks. Security researchers say that ransomware victims who pay a ransom are more likely to experience subsequent ransomware attacks.
Read more on TechCrunch:
Why are ransomware gangs making so much money?Why ransomware victims can’t stop paying off hackersDo government sanctions against ransomware groups work?Why extortion is the new ransomware threat
Authorities disrupt operations of notorious LockBit ransomware gang
OpenAI announces new board members, reinstates CEO Sam Altman
Sam Altman, the CEO of OpenAI, has a seat at the table — or board, rather — once again.
OpenAI today announced that Altman will be rejoining the company’s board of directors several months after losing his seat and being pushed out as OpenAI’s CEO.
Joining him are three new members: former CEO of the Bill and Melinda Gates Foundation Sue Desmond-Hellmann, ex-Sony Entertainment president Nicole Seligman and Instacart CEO Fidji Simo — bringing OpenAI’s board to eight people.
The members of the transitionary board — the board formed after Altman’s firing in November — won’t be stepping down with the appointment of Desmond-Hellmann, Seligman and Simo. Former Salesforce co-CEO Bret Taylor (OpenAI’s current board chair), Quora CEO Adam D’Angelo and Larry Summers, the economist and former Harvard president, will remain in their roles on the board, as will Dee Templeton, a Microsoft-appointed board observer.
The appointment of the four new board members — and reappointment of Altman — comes after OpenAI received criticism for its board’s all-male makeup and the nomination of Summers, who has a history of making unflattering remarks about women. The Congressional Black Caucus flagged the board’s lack of diversity in a letter sent in January, noting the importance of the Black perspective in building tools to help mitigate AI bias.
OpenAI’s expanded board is certainly diverse — at least in terms of their backgrounds.
Desmond-Hellmann, in addition to heading the Bill and Melinda Gates Foundation for six years, was previously chancellor of the University of California, San Francisco and before that president of product development at Genentech, where she helped develop gene-targeted cancer drugs. Desmond-Hellmann is an oncologist by training, board-certified in both internal medicine and medical oncology.
Seligman, an attorney and corporate director, received national attention for her representation of Lieutenant Colonel Oliver North during the Iran-Contra hearings and President Bill Clinton during his impeachment trial. Seligman was Sony’s VC and general counsel before rising through the ranks to CEO of Sony Corporation and president of Sony Corporation of America.
As for Fidji Simo, before becoming CEO of Instacart, she was head of the Facebook app at Meta and the VP overseeing Meta’s various video, games and monetization efforts. Simo also co-founded — and is currently president of — The Metrodora Foundation, a health clinic and research institute.
“Sue, Fidji and Nicole have experience in leading global organizations and navigating complex regulatory environments, including backgrounds in technology, nonprofit and board governance,” OpenAI wrote in a blog post. “They will work closely with current board members Adam D’Angelo, Larry Summers and Bret Taylor as well as Sam and OpenAI’s senior management.”
The board’s expansion and Altman’s reinstatement also follows an investigation by the law firm WilmerHale, retained by OpenAI, that concluded Altman’s ouster was a “consequence of a breakdown in the relationship and loss of trust” between Altman and the prior board — not out of “concerns regarding product safety or security, the pace of development, OpenAI’s finances or its statement to investors, customers, or business partners.”
OpenAI in a blog post said that, during the probe, WilmerHale conducted dozens of interviews with the company’s prior board, current executives, advisers and other witnesses and reviewed thousands of documents and other corporate actions. In the opinion of the firm, the prior board acted within its right to terminate Altman — but Altman’s conduct didn’t mandate removal.
“We have unanimously concluded that Sam and [OpenAI president Greg Brockman] are the right leaders for OpenAI,” Taylor said in a statement. “We recognize the magnitude of our role in stewarding transformative technologies for the global good.”
Not all at OpenAI would likely agree.
New York Times reporting earlier this week paints a picture of a manipulative Altman — a leader who often told people what they wanted to hear to charm them and support his decisions but who undermined their credibility when they challenged him. Both OpenAI CTO Mira Murati and Ilya Sutskever, a former OpenAI board member and the startup’s chief scientist, approached members of OpenAI’s previous board to express concerns about Altman’s behavior prior to his ouster last year, according to The Times.
In addition to today’s board appointments, OpenAI said that it would adopt a new set of corporate governance guidelines, including strengthening its conflict of interest policy, creating a whistleblower hotline “to serve as an anonymous reporting resource for all OpenAI employees and contractors” and establishing additional board committees — including a mission and strategy committee “focused on implementation and advancement of the core mission of OpenAI.”
We’ve asked OpenAI for more information on the reworked conflict of interest policy and mission and strategy committee and will update this post if we hear back.