The FBI released a report this week detailing indicators of compromise associated with ransomware variants that have compromised at least 60 entities worldwide, and recommendations for organizations to reduce their risk of attack. The Cybersecurity & Infrastructure Agency today encouraged organizations to review and implement the recommendations.
John Riggi, AHA National Cybersecurity and Risk Advisor, said: “In addition to containing actionable indicators of compromise, this FBI FLASH highlights that the BlackCat gang uses an advanced programming language (known as RUST) which increases the reliability of their attacks, and offering their capability to other hackers as “ransomware as a service”. He also notes that members of the BlackCat ransomware gang have been linked to the Russian-speaking Darkside/Blackmatter gang responsible for the Colonial Pipeline ransomware attack in 2021 – thus indicating that this group may possess the ability to attack US critical infrastructure. Whether they have the current intent remains to be seen. Given the possible Russian connection and the flurry of recent government warnings about Russian criminal and state-sponsored cyber threats against US critical infrastructure, the ransom group BlackCat is very concerning.
For more information on this and other cyber risks, contact Riggi at email@example.com.