LockBit was first discovered in September 2019 under the name of .AbCD virus. They have evolved in leaps and bounds since then. A common methodology of this cyber crime gang is to target organizations which do not deploy two factor authentication or weak encryption algorithms for their VPN connectivity.
Another cybercrime gang, Maze, host some of the stolen data by LockBit on their servers, suggesting a collaboration between these two gangs. According to McAfee, LockBit mostly targets organizations located in the U.S., the U.K, France, Ukraine, Germany, India, China, and Indonesia.
References:
https://cyware.com/news/lockbit-a-new-entrant-taking-big-leaps-23850c68
It’s interesting to see crime gangs forming into business organizations with members never even have met each other. Cyber crime is still such a new and broad concept, organizations are unable to monitor their own scope of technology to evade being targeted. Precautions like MFA are turning into a standard but that also means new offense tactics are growing to break these standards as well.