Black Basta claimed all suspicions and responsibility for the attacks.
According to a joint report by the FBI and CISA, Black Basta's partners attacked more than 500 organizations between April 2022 and May 2024. The group also encrypted and stole data from at least 12 of 16 critical infrastructure sectors.
Black Basta, which began operating under the Ransomware-as-a-Service (RaaS) model in April 2022, has attacked many large targets, including German defense company Rheinmetall, Swiss robotics company ABB, and British technology outsourcing company Capitals.
After the Conti cybercrime syndicate ceased its activities in May 2022, it broke up into several groups, one of which, presumably, was Black Basta. Research by Elliptic and Corvus Insurance shows that the ransomware received at least $100 million. in the form of ransoms from more than 90 victims (as of November 2023). It is noted that the group for the first 2 weeks of its work attacked at least 20 victims.
The attack protection tips published in the joint guide recommend updating operating systems, software, and firmware, using phishing-resistant multi-factor authentication, training users to recognize phishing attempts, and protecting remote access programs.
Special attention is paid to threats to healthcare organizations. Due to their reliance on technology and access to personal health information, they are of particular interest to cybercriminals. The authorities strongly recommend applying the proposed risk mitigation measures to protect against attacks.
According to a joint report by the FBI and CISA, Black Basta's partners attacked more than 500 organizations between April 2022 and May 2024. The group also encrypted and stole data from at least 12 of 16 critical infrastructure sectors.
Black Basta, which began operating under the Ransomware-as-a-Service (RaaS) model in April 2022, has attacked many large targets, including German defense company Rheinmetall, Swiss robotics company ABB, and British technology outsourcing company Capitals.
After the Conti cybercrime syndicate ceased its activities in May 2022, it broke up into several groups, one of which, presumably, was Black Basta. Research by Elliptic and Corvus Insurance shows that the ransomware received at least $100 million. in the form of ransoms from more than 90 victims (as of November 2023). It is noted that the group for the first 2 weeks of its work attacked at least 20 victims.
The attack protection tips published in the joint guide recommend updating operating systems, software, and firmware, using phishing-resistant multi-factor authentication, training users to recognize phishing attempts, and protecting remote access programs.
Special attention is paid to threats to healthcare organizations. Due to their reliance on technology and access to personal health information, they are of particular interest to cybercriminals. The authorities strongly recommend applying the proposed risk mitigation measures to protect against attacks.
