After a series of cyberattacks by Lapsus$ hacking group, the City of London Police has arrested seven people. On Thursday, officers tracked down and apprehended suspects between the ages of 16 and 21 in connection with the investigation. The suspected hackers struck such major targets as Okta, Microsoft, and NVIDIA. One of the suspected Okta hackers is the Oxford, England teenager earlier reports discussed.
A Hacking Group Motivated More By Notoriety Than Financial Gain
Unit 42, a research team from Palo Alto Networks, described the hackers as being motivated more by notoriety than by financial gain (via Reuters). The hackers, according to security researchers, don’t rely on the use of ransomware in their attacks. Ransomware is malicious software that encrypts its victim’s network, and is the hallmark of digital extortion.
Instead, this hacking group works to manually vandalize and lay waste to its targets’ networks. In cooperation with Unit 221b, a separate security consultancy, the Palo Alto researchers helped law enforcement identify and capture some of those believed to be behind the Lapsus$ hacking group.
Tracking Down and Apprehending the Okta Hackers
In fact, Unit 221b helped identify the 16-year-old from Oxford, England who authorities believe is the ringleader of behind Lapsus$. Allison Nixon, chief research officer at Unit 221b, told Reuters, “The teenager we identified as being in control of Lapsus$ is particularly instrumental.”
Nixon believes the teenager is important not just for his leadership role. The consultants also believe he likely possesses a good amount of intelligence about other members of the group.
Detective Inspector Michael O’Sullivan, of the City of London Police, stated that authorities arrested seven people. The suspects arrested were between the ages of 16 and 21. The police later released all of them under investigation. The police department hasn’t officially named Lapsus$ in its statement, and a spokesperson said the agency hasn’t formally charged any of the suspects yet.
Journalists reached the 16-year-old’s father by telephone, but he declined to comment. Because the teenager is a minor, he cannot be named, but Reuters was able to confirm him to be the individual cybersecurity researchers believe is involved with Lapsus$.