Are you superstitious? There’s a new Ransomware as a Service (RaaS) making the rounds, called BlackCat, or AlphaVM/V, which has been effective enough to merit a flash alert from the U.S. Federal Bureau of Investigation (FBI).
BlackCat has grabbed the data and compromised the security of huge entities across the globe—but a company does not have to be a big player to find itself the victim of RaaS.
As an IT consultant in Denver, CO, Business Network Consulting (BNC) Services recommends that all companies stay aware of new developments in cybersecurity threats.
What happens when BlackCat crosses your path
RaaS represents a huge step forward for the hacker industry, as it were, in the sense that it systematizes the system of ransomware. Would-be bad actors no longer have to develop ransomware themselves but can instead buy or rent established programs to do the dirty work for them.
Ransomware infiltrates business networks by exploiting gaps in operating systems or through user error. BlackCat gains access to entities’ systems through “previously compromised user credentials,” according to the FBI Flash Alert. “BlackCat/ALPHV steals victim data prior to the execution of the ransomware, including from cloud providers where company or client data was stored.”
It locks access to systems and data. Then, the company receives a message requesting a payment (usually in Bitcoin) in order to regain access. If the ransom is not received, ransomware like BlackCat releases sensitive information, which can harm the company. BlackCat has been requesting payments for several million dollars.
What makes BlackCat unique is its utilization of the RUST programming language, which the FBI Flash Alert says, “is considered to be a more secure programming language that offers improved performance,” as well as its business model, which allows its affiliates (renters/buyers) to pay a relatively small amount to use it, and then give BlackCat purveyors a percentage of the ransom.
What can you do?
It’s imperative that companies are aware that cybercrime is always shifting, always improving, always looking for a new way to take advantage of gaps in security. The days of one-size-fits-all network security systems are over. To do battle with a threat like BlackCat, it’s a good idea to have an expert in your corner.
BNC provides cybersecurity services in Denver, and its experts know how to assess risk, make recommendations, and implement top tier security. They work with companies to understand their business models and requirements and build tailored solutions to keep your data and network secure.
The FBI makes several suggestions for prevention of BlackCat (and other ransomware) data seizures. For example, a thorough review of “domain controllers, servers, workstations, and active directories for new or unrecognized user accounts,” is a good first step for determining if your business is at risk for exploitation by BlackCat. Reviewing scheduled tasks and antivirus logs also provides important information.
They also recommend more proactive approaches, such as using multifactor authentication and reconfiguring user privileges so there are fewer points of entry for hackers. A BNC consultant can audit your current procedures and logs, as well as discovering where your security needs to be strengthened.
BlackCat ransomware doesn’t have to mean bad luck for your company. It could be something that just passes you by.