British police have detained seven individuals in the wake of a hacking campaign conducted by the Lapsus$ cyber group known for hitting big companies such as Microsoft and Okta, City of London Police have announced.
Okta provides network authentication services to global multinationals. The San Francisco-based firm said last week that it had been the victim of an online cyber-strike and that some of its customers may have been impacted as a result.
In the UK, Detective Inspector Michael O’Sullivan, responded in an emailed statement to questions concerning the Lapsus$ group, stating:
“The City of London Police has been conducting an investigation with its partners into members of a hacking group.”
The organisation had uploaded a number of images showing Okta’s internal dialogues on a Telgram platform channel last week, with the intention of obtaining a ransom.
“Seven people between the ages of 16 and 21 have been arrested in connection with this investigation and have all been released under investigation.”
Okta shares fell by around 11% when news of the data breach first broke, with some experts hitting out at the tech firm for the casual nature of its response to the event. By Thursday of last week, the shares were still down 4.8%.
Although City of London Police have not directly named Lapsus$, a spokesperson for the police said that none of the seven arrested had been charged, and that investigations are set to take place.
In February, Lapsus$ published data concerning the US chip manufacturer, Nvidia Corp. Other elements of the group are suspected of having leaked source code from a series of large tech corporations, including Microsoft, which last week confirmed that a data breach had been experienced on one of its accounts.
No word has yet come from Lapsus$, although a 16-year-old from the Oxford area of Great Britain is thought to be the brains behind some of the group’s higher-profile attacks, Bloomberg News has said.
The youth’s father – contacted by phone – has not given comment, although Reuters says that cybersecurity experts looking into the case think the teenager has involvement in the group.
Speaking to Reuters, Allison Nixon, chief research officer at Unit 221b, said:
“The teenager we identified as being in control of Lapsus$ is particularly instrumental.
“Not just for their leadership role, but for the vital intel they must possess on other members”.
Assuaging the use of ransomware – a method so commonly employed by other hacking collectives – Lapsus$ has been described as an assault group driven by infamy, rather than a team seeking financial gain. The Lapsus$ intention thus far seems to be to destroy targets’ IT networks.
PrivSec World Forum
Part of the Digital Trust Europe Series - will take place through May, June & July 2022, visiting five major cities;
PrivSec World Forum is a two-day, in-person event taking place as part of the Digital Trust Europe series. Data protection, privacy and security are essential elements of any successful organisation’s operational make-up. Getting these things right can improve stakeholder trust and take any company to the next level.
PrivSec World Forum will bring together a range of speakers from world-renowned companies and industries—plus thought leaders and experts sharing case studies and their experiences—so that professionals from across all fields can listen, learn and debate.