Russian-Canadian arrested over global LockBit ransomware campaign

A Russian-Canadian national has been arrested over LockBit cyber-attacks targeting critical infrastructure, US officials say.

Mikhail Vasiliev, 33, was arrested in Ontario, Canada, on 9 November, the Department of Justice (DoJ) said.

It said LockBit had been used against more than 1,000 victims who had faced ransom demands amounting to millions.

In August, a Holiday Inn hotel in Turkey was breached by LockBit, which released data stolen from the company.

There has been increased scrutiny on appropriate defences against cyber-attacks, particularly on Western financial institutions, in the wake of heightened tensions following Russia's invasion of Ukraine early this year.

Mikhail Vasiliev's arrest is "the result of over two-and-a-half-years of investigation into the LockBit ransomware group, external, which has harmed victims in the United States and around the world," US Deputy Attorney General Lisa Monaco said.

He is charged with "conspiring with others to intentionally damage protected computers and to transmit ransom demands" - and is awaiting extradition to New Jersey, where the indictment was unsealed.

"LockBit members have made at least $100m in ransom demands to those victims and have extracted tens of millions of dollars in actual ransom payments," the DoJ said.

If convicted, Mr Vasiliev faces up to five years in prison and a maximum fine of $250,000 (£215,000).