FBI Warning as BlackCat Ransomware Breaches at Least 60 Organizations
Ransomware-as-a-service (RaaS) group BlackCat has already compromised 60 entities worldwide, according to a FLASH warning issued by the Federal Bureau of Investigation (FBI) this week.
The report confirms that the recently established BlackCat group typically requests ransom payments of several million dollars and carries out its attacks using Rust, a highly advanced coding language.
The FLASH warning – which is one of a series of reports the FBI is making about the rise of ransomware cases – highlights the need for business vigilance in the face of increasingly sophisticated cyberattacks.
BlackCat: A Uniquely Sophisticated Threat
While these ransomware attacks may sound alarming, security breaches are nothing new. In fact, research from Atlas VPN reveals that almost six billion online accounts are targeted in data breaches each year.
However, while cyberattacks are indeed becoming the new normal, BlackCat and its steadily widening reach should spark concern among U.S. businesses for a number of reasons.
Firstly, just like its predecessors, BlackMatter and DarkSide, BlackCat’s ransomware software, of the same name, runs on Rust. Rust is a coding language that can be run on embedded devices and can integrate with other languages.
According to the FBI’s FLASH warning, this coding language is capable of inflicting greater damage because it’s harder to detect and it offers ‘improved performance and reliable concurrent processing’.
Other cybersecurity experts agree, with Carolyn Crandall, chief security advocate at Attivo Networks, attesting that BlackCat’s new code is particularly effective at circumventing endpoint defense systems.
The FBI also revealed that BlackCat is able to leverage Windows and Microsoft’s tools to deploy the ransomware. From here, the group is able to disable security features within the victim’s network, and edit, delete or seize their compromised data.