Black Basta ransomware has become one of the biggest threats worldwide, CISA and FBI say
More than 500 victims in two years for Black Basta ransomware
In the two years since its inception, the Black Basta ransomware-as-a-service has, through its affiliates, compromised more than 500 organizations all over the world, law enforcement has claimed.
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Department of Health and Human Services (HHS), and Multi-State Information Sharing and Analysis Center (MS-ISAC), released a joint security advisory on Black Basta, sharing valuable information on the adversaries’ tactics, techniques, and procedures (TTP), indicators of compromise (IOC), and more, to help organizations protect against the rising threat.
This has cemented its position as one of the most prolific ransomware threats worldwide, wreaking havoc across industries as the attacks disrupt businesses and leak sensitive data on the dark web.
Increasing sophistication
As per the advisory, since April 2022, when it was first observed, Black Basta has infected more than 500 organizations all over the world. Among the victims are organizations in 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.
Some of Black Basta’s victims include Hyundai Europe, Capita, The American Dental Association, Yellow Pages Canada, Dish, and many, many others.
Black Basta most likely emerged after the downfall of Conti, another major ransomware player until the beginning of the Russian invasion of Ukraine.
At the time, the group publicly proclaimed its affiliation with the Kremlin regime, provoking a backlash among its affiliates (many of whom were Ukrainian). Soon after, the group fragmented, with one of the newly created threat actors quite possibly being Black Basta.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
To protect against the threat, businesses should always make sure that their software and hardware is up to date, and that their employees are aware of the dangers of phishing and social engineering. After all, Black Basta’s first point of entry is almost always a phishing email.
Via BleepingComputer
More from TechRadar Pro
- AI-powered cyberattacks are the biggest concern for IT - and most are unprepared for them
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.