Cyber ​​Security Threats Alert: BlackMatter Ransomware – News Couple

Cyber ​​Security Threats Alert: BlackMatter Ransomware

The FBI, CISA, and NSA have released a joint advisory report on the BlackMatter ransomware ring. This group has been gaining momentum with its attacks since July 2021 and claims to be the successor to the ransomware groups Darkside and REvil.

The following best practices provided by the joint advisor will ensure that your assets and those of your clients are safe. (Note from the sponsor of this post: Barracuda Managed XDR Endpoint Protection actually blocks any associated hash values, and Barracuda Managed XDR Network Security Monitor provides dedicated detection mechanisms for this threat, but we also suggest you follow them in the spirit of extreme protection.)

What is BlackMatter Ransomware?

The recent ransomware gang poses a serious threat to companies, claiming to be the successor to the popular DarkSide and REvil ransomware suites. The gang built a network of affiliates by recruiting threat actors with access to the networks of large corporations in an attempt to infect their ransomware. In particular, they will not target healthcare institutions, critical infrastructure, institutions in the defense industry, and not-for-profit companies.

This is especially noteworthy because ransomware can cause an organized loss of a large amount of money and data if not handled properly. More and more threat actors are looking to use ransomware as a way to make money. Furthermore, the fact that BlackMatter appears to be targeting large companies should be concerning to both customers and employees of that organization.

Ransomware is a difficult threat to deal with, as it encrypts all your data and may paralyze your business, resulting in the loss of money. Organizations must be wary of threatening actors trying to gain access to their network in order to keep their data safe.

What are the recommendations?

Barracuda MSP recommends the following measures to protect your organization from ransomware attacks:

    • Make sure you have cloud and offsite backups to restore your data.
    • Use strong passwords and enable multi-factor authentication within your network.
    • Keep your systems patched and updated to protect against the latest security vulnerabilities.
    • Perform network segmentation
    • Use US-CERT advice to implement other recommendations to protect yourself.

You can also take advantage of Barracuda Managed XDR Endpoint Protection and Network Security Monitor, which will block associated hash values ​​and provide custom detection mechanisms for this threat.


For more in-depth information on the recommendations, please visit the following links:

This post was based on a threat alert issued by our SKOUT Managed XDR team. For more information on the best way to set up your MSP business to protect customers from cyberthreats, visit the Barracuda Managed XDR page.

Source link

Related Articles

Back to top button