InfoSecBulletin Cybersecurity for mankind
The FBI has identified dual ransomware attacks as an increasing cybercrime trend. These attacks involve targeting a company twice within a short period of time. The attackers use two different types of ransomware to cause maximum harm, resulting in data encryption, data theft, and financial losses from ransom payments.
AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal are some ransomware strains being used. To protect against such attacks, the FBI recommends companies to create backups and encrypt them.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
ALSO READ:
The FBI believes that in early 2022, there was a rise in dual ransomware attacks. Multiple ransomware groups started using custom data theft, wiper tools, and malware to pressure victims into negotiating. In some cases, they added new code to known data theft tools to avoid detection.
In 2022, some malware stayed inactive until a specific time, and then it corrupted data periodically.
How businesses can protect themselves from dual ransomware attacks:Â
The FBI has issued a flash warning recommending that companies take steps to protect themselves from attacks. They suggest that companies regularly backup their data and ensure that these backups are encrypted, as attackers often target backups.
The FBI advises businesses to check the software supply chains and the security arrangements of vendors. They recommend monitoring and reviewing all connections between third-party vendors and external software or hardware for any suspicious activity. The advisory also suggests implementing listing policies for applications and remote access. These policies should only allow systems to run programs that are known and permitted under a security policy that has been established.
The law enforcement agency advises companies to document and monitor external remote connections. This will help them implement remote management and maintenance during an attack. They should also create a recovery plan by keeping multiple copies of sensitive data and servers in a separate location from the originals.
The FBI suggests that organizations should review and, if necessary, update their incident response and communication plans that outline the actions they will take in case they are affected by a cyber incident.
