Cybersecurity Network Management IT and Network Support 911 and Emergency Communications Centers

Cybersecurity Threat Advisory: BlackMatter Ransomware

Mike Beagles
Mike Beagles October 27, 2021 2 min read

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Overview

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) released a joint advisory about the BlackMatter ransomware gang. This group has been gaining traction with its attacks since the end of July and claims to be the successor of the Darkside and REvil ransomware groups.

What Is the Threat?

The BlackMatter ransomware gang has been setting up a network of affiliates by recruiting cyberattackers with access to networks of large enterprises in an attempt to infect them with its ransomware. Peculiarly, they will not target healthcare organizations, critical infrastructure, organizations in the defense industry, and non-profit companies.

Why Is it Noteworthy?

This is especially noteworthy because a ransomware attack can cause an organization to lose a large amount of money and data if not handled properly. More and more cyberattackers are looking to utilize ransomware as a way to make money. Further, the fact that BlackMatter seems to be targeting large corporations should be alarming to both customers and employees of such organizations.

What Is the Risk?

Ransomware is an extremely difficult threat to deal with, as it encrypts all of an organization’s data and may cripple its business. Such attacks can cause organizations to lose significant amounts of money, through lost business and/or ransom payments. To keep their data safe, organizations should be wary of cyberattackers attempting to access their networks and systems.

What Are the Recommendations?

MCP recommends the following actions to keep your organization protected against ransomware attacks:

  • Ensure that your organization has cloud and offsite backups in place, which will make data recovery faster and easier
  • Utilize strong passwords and enable multifactor authentication within your organization’s networks and systems
  • Keep your networks and systems patched and updated to guard against the latest vulnerabilities
  • Implement network segmentation
  • Utilize the United States Computer Emergency Readiness Team (US-CERT) advisory to implement other recommendations to protect your organization’s networks, systems, and data

References

For more in-depth information about the recommendations, please visit the following links:

If you are looking for guidance, please reach out. MCP offers a comprehensive cybersecurity solutions suite that is designed specifically for public safety and justice entities and other critical infrastructure organizations, to help them determine their network, data, and application vulnerabilities. We can help you develop a complete cyberattack prevention strategy. Contact us today to learn more.

Don't forget to share this post!

Mike Beagles
Mike Beagles
Mike has specialized experience with supporting public safety agencies by providing technical expertise, strategic planning and general consulting for new and innovative mission critical technologies as well as legacy solutions. Throughout his long-standing career, he has worked as a technical service manager and network engineer for several public safety software companies, as well as an IT manager with a mid-tier public safety 911/ CAD/RMS/Mobile software provider. His expertise runs deep in team and project management for large and small projects, which he has done for more than 12 years.

Related posts

Cybersecurity Network Management IT and Network Support

Cybersecurity Threat Advisory: LockBit Ransomware

August 16, 2021
Mike Beagles
Cybersecurity

Cybersecurity Threat Advisory: Black Basta Ransomware Group Threat

June 27, 2022
Mike Beagles