FBI Alerts on Rising Dual Ransomware Attacks
No attachments for this post
The FBI is cautioning industries about an emerging trend in cyber threats: attackers hitting the same targets with ransomware twice in quick succession.
As of July 2023, the FBI's Private Industry Notification highlighted this trend of dual attacks using different ransomware variants in the victim’s systems, including the likes of AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal. Such attacks often lead to data encryption, information theft, and financial repercussions from ransoms.
The alert emphasized the compounded harm of a second ransomware attack on an already compromised system. Moreover, the bureau observed a surge in customized data theft tools, wiper tools, and malware usage by ransomware groups. These are designed to pressure victims into negotiations. Some attackers even modified known theft tools to evade detection or used data wipers that lay dormant before activating to corrupt data.
While dual ransomware attacks aren't unprecedented, with several instances in the past of systems being affected by multiple ransomware strains, the FBI's notice showcases the evolving nature of the threat. Notably, Symantec’s Threat Hunter Team recently identified a new ransomware named 3AM, used in a singular incident where the attackers couldn't deploy the LockBit ransomware.
For enhancing cybersecurity, the FBI offers guidance on proactive response to cyber threats, improved identity/access management, effective protective measures, and enhanced vulnerability and configuration management.
Comments on this post
No comments have been added for this post.
You must be logged in to make a comment.