The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group.
The government’s Cybersecurity & Infrastructure Security Agency (better known as CISA) issued the advisory earlier this week, following a series of BlackMatter ransomware attacks since July 2021 targeting US critical infrastructure, including two American organisations working in the food and agriculture sector.
The BlackMatter ransomware, which came to prominence earlier this year following the demise of the notorious REvil and DarkSide ransomware gangs, is a ransomware-as-a-service (RaaS) operation that provides other cybercriminals with the technology needed to exfiltrate information from corporations, encrypt their data, and demand a costly ransom.
Effectively, this means that the BlackMatter ransomware is not just in the hands of sophisticated cybercriminals, but also in those of less-technical groups and individuals who may not normally have the skillset to pull off such an attack.
As the alert explains, BlackMatter uses previously-compromised usernames and passwords to spread across compromised networks, remotely encrypting computers and shared drives as they are found, before ultimately demanding a ransom payment in cryptocurrency.
Law enforcement agencies, according to the CISA alert, are advising that all organisations take steps to harden their defences and reduce the chance of a successful infection by the BlackMatter ransomware:
“Ransomware attacks against critical infrastructure entities could directly affect consumer access to critical infrastructure services; therefore, CISA, the FBI, and NSA urge all organizations, including critical infrastructure organizations, to implement the recommendations listed in the Mitigations section of this joint advisory. These mitigations will help organizations reduce the risk of compromise from BlackMatter ransomware attacks.”
Amongst the detailed advice included in the alert on how to protect against the BlackMatter ransomware and mitigate the threat are the following suggestions:
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/us-government-warns-of-blackmatter-ransomware-attacks-against-critical-infrastructure/