In a concerted effort to combat the escalating threats posed by ransomware, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Fe...
Authored by Brandon Kelsheimer
In a concerted effort to combat the escalating threats posed by ransomware, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued a critical advisory on May 10, 2024, focusing on the Black Basta ransomware. This collective initiative underscores these organizations’ commitment to fortifying defenses against sophisticated cyber adversaries.
The Black Basta ransomware operates as Ransomware-as-a-Service (RaaS), allowing affiliates to use the malware against targets. Since its discovery in April 2022, Black Basta has affected over 500 entities, including private industries and critical infrastructure sectors across North America, Europe, and Australia. The ransomware uses double extortion tactics, encrypting data and promising to leak it unless a ransom is paid. This strategy has been effective, generating alleged profits exceeding $100 million.
The healthcare sector has been significantly targeted, demonstrating the group’s opportunistic approach towards industries with sensitive and critical data. Recent attacks have led to considerable disruptions in healthcare services, emphasizing the severe impact of such cyber incidents. CISA and its partners recommend several mitigations to help organizations strengthen their cybersecurity defenses and reduce the likelihood of a successful ransomware attack.
The recommended tactics, techniques, procedures (TTPs), and indicators of compromise (IOCs) can be found in the joint Cybersecurity Advisory. Organizations are encouraged to consult resources like StopRansomware.gov for further guidance on safeguarding against ransomware threats. This advisory’s release is a proactive measure aimed at raising awareness and guiding organizations on effective strategies to counter the Black Basta ransomware threat. By disseminating this information, CISA, and its partners aim to educate organizations about the specific threats posed by Black Basta and reinforce the importance of robust cybersecurity practices in maintaining the integrity and security of critical systems and data.
How CLA Can Help
CLA’s cybersecurity team has years of experience performing IT risk assessments, controls reviews, and custom cybersecurity testing. Please contact us to help in assessing and mitigating your risk for a cyber-attack.
Sources:
https://h-isac.org/black-basta-threat-actor-emerges-as-a-major-threat-to-the-healthcare-industry
Want to learn more? Complete the form below and we'll be in touch. If you are unable to see the form below, please complete your submission here.Contact us