Industry Talk

Regular Industry Development Updates, Opinions and Talking Points relating to Manufacturing, the Supply Chain and Logistics.

Dispossessor ransomware group takedown

The law enforcement takedown of Dispossessor is interesting, as they do not appear to be a particularly impactful or active ransomware group, so why go after them? When they launched, they were described as simply reposting LockBit victims, and according to the FBI’s own statements they are only known to have performed around 40 attacks since they launched in 2023.

Recently there have been a number of law enforcement disruption operations against cybercriminals in a short space of time. It may well be that the goal of this takedown is to maintain that operational tempo and keep the ransomware industry disrupted and off balance.

Instead of targeting Dispossessor for a take own in order to combat their operations specifically, they may have simply discovered an OpSec error by the criminals and decided to make use of it in an opportunistic operation.

If Dispossessor’s operations are disrupted and they stop posting victims, it won’t drastically reduce the total number of ransomware victims. However, yet another takedown in a short space of time could make cybercriminals more cautious and risk aware and may even help push some to exit the industry.