Black Basta has compromised over 500 organizations globally:CISA

Share post:

The Cybersecurity and Infrastructure Security Agency (CISA) along with the FBI reported that the Black Basta ransomware group has compromised over 500 organizations globally, impacting numerous sectors of critical infrastructure across North America, Europe, and Australia. This escalation of cyber threats has occurred between April 2022 and May 2024, according to a joint analysis by CISA, the FBI, the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC).

Black Basta, which surfaced as a Ransomware-as-a-Service (RaaS) in April 2022, quickly demonstrated its capabilities by targeting high-profile entities including German defense contractor Rheinmetall, Hyundai’s European division, and other significant organizations in technology and public services. The cybersecurity community suspects that Black Basta might be an offshoot of the now-defunct Conti cybercrime syndicate, given its sophisticated operations and rapid ascent in the cybercrime arena.

Financially, Black Basta has been lucrative, extracting over $100 million in ransoms from more than 90 victims by November 2023. Their operational tactics and the anonymity afforded by avoiding recruitment or advertising on Dark Web forums further allude to the group’s strategic and secretive nature.

The joint advisory by U.S. federal agencies has provided detailed defensive strategies to thwart such ransomware attacks. Recommended measures include updating all software, using phishing-resistant multi-factor authentication, training employees to recognize phishing attempts, and implementing rigorous security protocols for remote access software.

Particularly vulnerable to these ransomware campaigns are healthcare organizations due to their dependency on technology and the sensitive nature of the personal health information they handle. The increased focus on healthcare is evidenced by the recent suspected attack on the healthcare giant Ascension, leading to significant operational disruptions.

Authorities are urging all organizations, especially those in healthcare, to adopt the suggested security practices to mitigate the risks posed by Black Basta and similar cyber threats.


Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

ChatGPT mobile mania: Why users are flocking to ChatGPT Plus

On the day OpenAI unveiled GPT-4o, ChatGPT's mobile app saw a staggering 22% spike in revenue, marking its...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Starlink’s evolution making it less “TCP/IP friendly”

The rapid evolution of Starlink's satellite internet presents significant challenges for traditional Transmission Control Protocol (TCP), according to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways