Focus On Black Basta Ransomware

Uploaded on 2024-05-20 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in 2022. Its affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organisations, in North America, Europe, and Australia.

Now, the US Cyber Defense Agency, Cybersecurity & Infrastructure Security Agency (CISA) the FBI and other agencies are encouraging organisations to review and implement the mitigations provided in a joint Cyber Security Advisory to reduce the likelihood and impact of Black Basta and other ransomware incidents.

Ransomware is a type of malware designed to encrypt files on a device, rendering them and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.  The CISA Advsisory aims to provide cyber security defenders with tactics, techniques, and procedures (TTPs) used by known Black Basta ransomware affiliates and identified through FBI investigations and third-party reporting. 

Current investigations indicate that Black Basta is a Russian-speaking group and in the Russian language the term is slang for  'stop', 'that's enough', or 'I quit'. 

Over time, malicious actors have adjusted their ransomware tactics to be more destructive and impactful and have also exfiltrated victim data and pressured victims to pay by threatening to release the stolen data. The application of both tactics is known as “double extortion.” In some cases, malicious actors may exfiltrate data and threaten to release it as their sole form of extortion without employing ransomware. 

Like most cybercriminals, Black Basta is primarily financially motivated and the group is known to demand large sums in ransom - sometimes millions of dollars. Operators in the group have focused their interest in specifically targeting English-speaking  countries, which might possibly suggest a political motive for their criminal exploits.  

CISA   |   CISA   |   Hacker News   |   US Dept. Health & Human Services   |

Image:  Ideogram

You Might Also Read: 

Quadruple Extortion Ransomware:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« A Critical Vulnerability In The Post-PSTIA Era 
Cloud Threats Require New Advanced Defenses »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MarQuest

MarQuest

MarQuest provides services and systems to enhance network reliability and security.

SecurePay

SecurePay

SecurePay is Australia's premier payment gateway, with a range of secure online payment solutions for online retailers, SMEs and enterprise businesses.

VMRay

VMRay

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine.

Cybersecurity Collaborative

Cybersecurity Collaborative

CyberSecurity Collaborative is a forum for CISOs to share information that will collectively make us stronger, and better equipped to protect our enterprises from those seeking to damage them.

Myra Security

Myra Security

Myra technology monitors, analyzes, and filters malicious internet traffic before virtual attacks can do any real harm.

BooleBox

BooleBox

Boolebox is the innovative suite of enterprise data protection applications that preserve the integrity and confidentiality of data from any unauthorized access.

Valtori

Valtori

Government ICT Centre Valtori provides sector-independent ICT services for the central government, while taking into account the special requirements related to security and preparedness.

CSIRT-NQN

CSIRT-NQN

CSIRT-NQN is the Computer Incident Response Team for the Argentine province of Neuquen.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

Intel Capital

Intel Capital

Intel Capital, Intel's strategic investment organization, backs innovative technology startups and companies worldwide. We invest in a broad range of hardware, software, and services.

Space ISAC

Space ISAC

Space ISAC is the only all-threats security information source for the public and private space sector.

Computer Services Inc (CSI)

Computer Services Inc (CSI)

CSI is a leading fintech, regtech and cybersecurity solutions partner operating at the intersection of innovation and service.

VectorRock

VectorRock

Save Your Business From Cyber Criminals. We specialize in uncovering cyber risks which threaten your organization and fixing them.

Questex Asia Total Security Conference

Questex Asia Total Security Conference

Questex Asia’s Total Security Conferences is one of the industry’s most prestigious and engaging forums for the region's top information security leaders and business decision-makers.

Invisinet Technologies

Invisinet Technologies

Invisinet is a cybersecurity technology company specializing in innovative solutions that protect network infrastructure and critical assets from advanced threats.

Scamnetic

Scamnetic

Scamnetic offer an everyday application that helps consumers detect every type of scam in real time – removing human error from the equation.