LockBit is a relatively new Ransomware-as-a-Service (RaaS) where the developers are in charge of the payment site and development and ‘affiliates’ sign up to distribute the LockBit. Hackers gained access to the network by brute-forcing an administrator account through an outdated VPN service. As they already had an admin account, they were one step ahead and could quickly deploy the ransomware on the network. LockBit includes a feature that allows it to spread itself to the rest of the computers on a network.
Source: https://www.bleepingcomputer.com/news/security/lockbit-ransomware-self-spreads-to-quickly-encrypt-225-systems/