Emergency measures required: BlackCat ransomware attacks increase

This malware focuses on compromising user credentials.

US federal agencies warned hackers were targeting the business sector using malware that can lead to ransomware attacks - © AFP

The U.S. FBI has issued a stark warning about the rise of BlackCat ransomware-as-a-service (RaaS) attacks. These have victimized at least 60 entities worldwide.

Described by security analysts as the “most sophisticated” ransomware group of 2021, BlackCat ransomware is established as a dangerous attack mode within the cybersecurity community. The operators behind the ransomware group have been linked to the notorious BlackMatter operation.

To explore the issue, Digital Journal caught up with two cybersecurity experts with different viewpoints surrounding this incident. The first is cybersecurity evangelist Alon Nachmany, Field CISO of AppViewX.

The second, in a companion article, is from privilege access management leader Raj Dodhiawala, president of Remediant.

Starting with Alon Nachmany, the expert begins by considering the geographical scope of the recent attacks: “While the majority of BlackCat’s 60 victims were in the EU, more than 30 percent of BlackCat compromises have targeted U.S. firms.”

Continuing his U.S. focus, Nachmany says: “With the FBI’s memo, it’s clear the U.S. government is expecting this to hit the states soon. With the Colonial Pipeline ransomware attack anniversary right around the corner, critical infrastructure should be on extra alert. Today’s hackers know what they’re doing. These threats are extinction-level events for organizations and have detrimental effects on our natural resources, economy, military and much more.”

Looking at the specific attack mode, Nachmany says: “As this malware focuses on compromising user credentials, organizations can instead replace the password with a digital certificate – the backbone to cybersecurity and keeping digital systems safe.”

The required action needs to involve moving beyond the password. According to Nachmany: “Simply put, passwords aren’t enough. People forget them, and forget where they’re used. Recognizing these issues, I’ve seen many organizations starting to shift their priorities. In our recent report with the Ponemon Institute, we’ve found organizations are putting greater emphasis on managing and securing digital certificates (54 percent) versus human identities, such as usernames and passwords, (46 percent), which they feel are less important.”

There are steps that organizations can take, however, to better protect themselves from this new cyber-onslaught. Nachmany recommends: “The long-term resolution to ensuring an organization’s most valuable asset – its digital presence – is protected is to begin using short-lived certificates and incorporating full automation to manage its lifecycle. This way, if the keys are compromised, they are not used by attackers and the window of opportunity for such sophisticated attacks is reduced.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.
