BlackCat is malicious software operated as ‘ransomware-as-a-service’: its author seeks affiliates to deploy the ransomware. Affiliates keep a 90 percent share of the ransom payment, with the remainder going to the BlackCat author.
One concern with the ransomware package is its highly customizable feature set, which allows the software to be deployed in attacks on a wide range of corporate environments. Through this, BlackCat can target Windows, Linux, and VMware ESXi systems.
Part of the strength of the malicious code arises because the ransomware is written in Rust, which is memory safe and reduces the chance of introducing bugs that security researchers can exploit.
In a companion article, Digital Journal heard from cybersecurity evangelist Alon Nachmany, Field CISO of AppViewX, about some of the steps businesses can take to protect themselves from ransomware incidents.
To gain a second, more specific perspective on BlackCat ransomware, Digital Journal canvassed the opinion of Raj Dodhiawala, president of Remediant.
Dodhiawala sees the rise of BlackCat and other forms of malicious activity as something that businesses should have been prepared for, noting: “While terrifying, the increase we’re seeing in ransomware groups like BlackCat attacking the supply chains and industrial companies is not surprising.”
There is a rationale that occupies the minds of hackers, which Dodhiawala spells out as: “Ransomware often hits industrial control systems (ICS) or other operational technology environments, with significant impact and both governments and security groups have been warning organizations that ransomware poses an increasing threat to industrial systems.”
There needs to be a particular focus on logistics, says Dodhiawala, who states: “Protecting the supply chain from malware like BlackCat can be as easy as establishing a proper privileged access management program. It requires a methodical approach.”
As to what this entails, Dodhiawala recommends: “After discovering and vaulting the most coveted accounts, it is essential to look at standing privileges across the estate. As headlines continually show us, managing your standing privileges is one of the most critical and effective methods to prevent lateral movement and halt most incidents. The longer you wait to address it – the greater your chances of becoming a headline.”