Focus On Black Basta Ransomware

The Black Basta ransomware-as-a-service (RaaS) operation and its affiliates have targeted more than 500 private industry and critical infrastructure entities, including healthcare organisations, in North America, Europe, and Australia since its emergence in 2022.

Now, the US Cyber Defense Agency (the Cybersecurity & Infrastructure Security Agency, CISA), the FBI and other agencies are encouraging organisations to review and implement the mitigations provided in a joint Cyber Security Advisory to reduce the likelihood and impact of Black Basta and other ransomware incidents.

Ransomware is a type of malware designed to encrypt files on a device, rendering them and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. The CISA Advisory aims to provide cyber security defenders with the tactics, techniques, and procedures (TTPs) used by known Black Basta ransomware affiliates and identified through FBI investigations and third-party reporting.

Current investigations indicate that Black Basta is a Russian-speaking group; in the Russian language, the term is slang for 'stop', 'that's enough', or 'I quit'.

Over time, malicious actors have adjusted their ransomware tactics to be more destructive and impactful. They have also exfiltrated victim data and pressured victims to pay by threatening to release the stolen data. The application of both tactics is known as “double extortion.” In some cases, malicious actors may exfiltrate data and threaten to release it as their sole form of extortion without employing ransomware.

Like most cybercriminals, Black Basta is primarily financially motivated, and the group is known to demand large sums in ransom, sometimes millions of dollars. Operators in the group have focused specifically on targeting English-speaking countries, which might suggest a political motive for their criminal exploits.

CISA   |   CISA   |   Hacker News   |   US Dept. Health & Human Services   |
