{"id":769,"date":"2022-02-16T11:54:44","date_gmt":"2022-02-16T10:54:44","guid":{"rendered":"https:\/\/solutech.true-emotions.studio\/?p=769"},"modified":"2022-02-17T13:17:43","modified_gmt":"2022-02-17T12:17:43","slug":"blackbyte-ransomware-attacks-target-u-s-critical-infrastructure","status":"publish","type":"post","link":"https:\/\/www.acstunisia.com\/index.php\/2022\/02\/16\/blackbyte-ransomware-attacks-target-u-s-critical-infrastructure\/","title":{"rendered":"BlackByte Ransomware Attacks Target U.S. Critical Infrastructure"},"content":{"rendered":"<div>The BlackByte ransomware group breached the network of multiple US-based organizations in the critical infrastructure sector in the past three months. US officials have released a joint advisory warning against the threat.<\/div>\n<div><\/div>\n<h3>What\u2019s in the advisory?<\/h3>\n<ul>\n<li>According to a joint <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-blackbyte-ransomware-breached-us-critical-infrastructure\/\" target=\"_blank\" rel=\"noopener\">advisory<\/a> released by the FBI and U.S. Secret Service, BlackByte has targeted various U.S. and foreign businesses in the last few months.<\/li>\n<li>Three of its victims belong to the government facilities, financial, and food and agriculture sectors.<\/li>\n<li>The advisory identifies BlackByte as a ransomware-as-a-service (RaaS) operation targeting Windows systems, both physical and virtual servers.<\/li>\n<li>It further provides technical details, IOCs, and mitigation steps to help organizations stay protected from the group\u2019s attacks.<\/li>\n<\/ul>\n<div><\/div>\n<h3>Attack tactics<\/h3>\n<div>This ransomware group exploits software vulnerabilities (e.g. in Microsoft Exchange Server) to obtain initial access to targets&rsquo; networks. 
Therefore, unpatched servers are likely to be the target of these attackers.<\/div>\n<div><\/div>\n<h3>Recent victims of BlackByte<\/h3>\n<div>Beyond the advisory, BlackByte has been in the headlines for attacks on various organizations in the past few months.<\/div>\n<ul>\n<li>Just a few days ago, the NFL\u2019s San Francisco 49ers team was <a href=\"https:\/\/threatpost.com\/blackbyte-tackles-the-sf-49ers-us-critical-infrastructure\/178416\/\" target=\"_blank\" rel=\"noopener\">targeted<\/a> by BlackByte. The attackers claim to have stolen the team\u2019s data and leaked 300MB of files on their data leak blog.<\/li>\n<li>In December 2021, <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/252510334\/BlackByte-ransomware-attacks-exploiting-ProxyShell-flaws\" target=\"_blank\" rel=\"noopener\">BlackByte&rsquo;s<\/a> campaign launched attacks against organizations exposed to ProxyShell flaws in Microsoft Exchange.<\/li>\n<\/ul>\n<div><\/div>\n<h3>Conclusion<\/h3>\n<div>The FBI advisory should be taken seriously, and organizations must strengthen their defenses to fend off threats such as BlackByte. The advisory includes a <a href=\"https:\/\/www.ic3.gov\/Media\/News\/2022\/220211.pdf\" target=\"_blank\" rel=\"noopener\">list of measures<\/a> to be taken to stay protected.<\/div>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The BlackByte ransomware group breached the network of multiple US-based organizations in the critical infrastructure sector in the past three months. 
US officials have released a joint advisory warning against the threat.<\/p>\n","protected":false},"author":1,"featured_media":2323,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,3],"tags":[],"class_list":["post-769","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","category-security"],"_links":{"self":[{"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/posts\/769","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/comments?post=769"}],"version-history":[{"count":4,"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/posts\/769\/revisions"}],"predecessor-version":[{"id":4015,"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/posts\/769\/revisions\/4015"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/media\/2323"}],"wp:attachment":[{"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/media?parent=769"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/categories?post=769"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.acstunisia.com\/index.php\/wp-json\/wp\/v2\/tags?post=769"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}