top of page

BREAKING | FBI warns businesses about ransomware breaching over 60 companies

On April 24th, 2022 the Federal Bureau of Investigation alerted the American public that a new wave of ransomware attacks have victimized at least 60 businesses since March of this year.

On April 24th, 2022 the Federal Bureau of Investigation alerted the American public that a new wave of ransomware attacks have victimized at least 60 businesses since March of this year.

Ransomware attacks against businesses have increased at least 62% in 2021 according to pandasecurity.com. This trend is expected to increase as we move further into 2022 and 2023. A Forbes survey taken last year reports that at least 80% of businesses in the United States have observed attempted ransomware attacks against their systems. It is becoming increasingly more important that businesses of all sizes remain vigilant in training their employees on good cyberhygene protocols, and developing proper reporting standards.


Earlier this week the FBI released an alert that a new breed of ransomware, formally known as Blackcat ransomware-as-a-service, has victimized at least 60 companies since march of this year. This ransomware is also known as ALPHV and Noberus. This program is linked to an extensive network of illegal hacker "firms" that operate internationally.


Blackcat is only the most recent version of a new wave of hacking entities that operate as functional, underground, "business" networks. What is important to understand here is that these hacking entities function as underground businesses and are a new form of organized crime. These underground entities are organized and constantly innovating new hacking technologies.


For example, the Blackcat ransomware operates on one such illegality 'business model' known as ransomware as-a-service (RaaS). The RaaS model is similar to a business partnership between two entities, the operator and the affiliates. The operator of a RaaS product develops a framework and foundation for ransomware programs. This is known as a "Ransomware Kit", which is then marketed online to affiliates.

"What is important to understand here is that these hacking entities function as underground businesses and are a new form of organized crime. "

Affiliates often pay an initial sum of money to the operator for access to the program, then they can agree to a percentage split of all ransoms collected using the ransomware kit. After the affiliate purchases the ransomware kit, the affiliate can then modify it to suit their personal needs and the vulnerabilities of the companies they seek to target.


This illegal partnership between the operator and the affiliate allow people who don't have the time, skills, or technologies to develop a ransomware program from the ground access to the tools and resources necessary to ransom companies of all sizes for money. This organized crime business model has likely contributed to the rapid increase in ransomware attacks since 2020.

This partnership between the operator and the affiliate allow people ... access to the tools necessary to ransom companies.

Additionally, the RaaS ransomware model has created a scalable form of hacking that allows one operator to market their program and services to several affiliates simultaneously. Operators and Affiliates are now able to develop multiple strains of ransomware simultaneously. This will allow for multiple strains to be released at the same time, creating waves of ransomware attacks such as the Blackcat ransomware wave we are observing now.


As mentioned previously in this article, we can only expect to see an increase in these types of organized attacks in the future. It is no longer enough to handle these events internally or hope that your company will not be targeted in this kind of event. If your company has not been involved in this kind of attack, it is only a matter of time until you too become a victim of hacking or ransomware attacks.

the RaaS ransomware model has created a scalable form of hacking that allows one operator to market their program and services to several affiliates simultaneously... create[ing] the waves of ransomware attacks observed [today].

Use the link below to connect with our team of cybersecurity experts today. We at Pentagon Cyber, Inc take pride in protecting your business from these kinds of attacks. Our team of experts are world leaders in the industry of cybersecurity, working with both large entities such as international governments and small businesses in improving their cybersecurity posture.


Don't leave your cybersecurity defense to chance, book today and receive your FREE initial consultation.


Comments


bottom of page