Get Started

Cybersecurity Services

Cybersecurity Services
vCISO / Fractional CISO
Offensive Security & Penetration Testing
Incident Response & Digital Forensics
Cybersecurity Awareness
CMMC Compliance

Managed IT Services

Help Desk & End User Support
NOC (Server/Network RMM)
MDR/XDR (AI-Assisted SOC)

Professional Services

Remote Deployment and Operations
Staff Augmentation
AI & Automation Consulting

Solutions

Infrastructure & Security
Cloud & Data Center
Data Protection & Backup/DR
Zero Trust Security
Remote Workforce & Endpoints
Collaboration & Innovation
Virtual Desktops & Apps (VDI)
Unified Communications
Mobility Solutions

Industries

Federal Government
State and Local Government
Healthcare
Education
Critical Infrastructure
All Industries

Partners

Omnissa
Dell EMC
Hitachi
Microsoft
Google
HPE
Nutanix
Commvault
FileCloud
Login VSI
TURBO.NET
Red Hat
All Partners

Insights

Blog
Z7 Cyber Intelligence
Case Studies
Capability Statement

About

Why Z7 Solutions
Contract Vehicles
Careers
Contact Us
  • Home
  • Z7 Cyber intelligence
  • LOCKBIT

LOCKBIT

Z7-TAF THREAT SCORE
0 /10.0

CLASSIFICATION

CRITICAL THREAT (DEGRADED)

The Rise and Fall of the World's Most Prolific Ransomware Operation

On November 8, 2023, LockBit did something no ransomware group had ever done: they nearly broke the US Treasury market. Their attack on ICBC, the world’s largest bank, caused $62.2 billion in failed Treasury trades and forced bankers to settle transactions via USB drives carried by messengers through Manhattan.

Three months later, Operation Cronos took them down. The FBI and NCA seized their servers, recovered 7,000 decryption keys, and unmasked their leader, Dmitry Khoroshev, who had offered $10 million to anyone who could dox him. Now he’s the one with a $10 million bounty on his head.

Attacks dissected in this report

ICBC Financial Services (Nov 2023)

$62.2B failed trades, $9B emergency injection - Z7-BAF 9.14

Boeing (Oct-Nov 2023)

43-50GB leaked, Citrix Bleed exploitation - Z7-BAF 8.21

Fulton County, Georgia (Jan 2024)

Weeks of outages, claimed Trump case documents - Z7-BAF 8.07

What's in the full intelligence report

Complete Z7-TAF Analysis

All 7 dimensions scored with pre/post-Cronos comparison

3 Full Z7-BAF Attack Dissections

ICBC, Boeing, Fulton County with timelines and component scores

Operation Cronos Deep Dive

How the takedown worked and why it succeeded

Khoroshev Dossier

What we know about LockBitSupp

Citrix Bleed Analysis

The vulnerability that took down Boeing and ICBC

ABOUT Z7 CYBER INTELLIGENCE

Z7 Cyber Intelligence delivers threat analysis and breach assessments used by security teams, compliance officers, and executive leadership. Our proprietary Z7-TAF and Z7-BAF frameworks provide quantified, defensible scoring that enables data-driven risk decisions.

Proprietary Methodology

Z7-TAF (Threat Actor Framework) and Z7-BAF (Breach Assessment Framework) are proprietary scoring systems developed by Z7 Solutions. Detailed scoring criteria, dimension weights, and assessment rubrics are proprietary. Complete methodology documentation is available under NDA for clients.

Get your LOCKBIT Intelligence Report NOW!
This page provides an executive-level preview only. Detailed analysis, scoring methodology, and proprietary frameworks are available in the full intelligence report.