Federal Advisory Warns of Increasing Conti Ransomware Attacks
Also, a second grain coop is hit with ransomware, and the Port of Houston fends off a cyberattack.
September 24, 2021
The federal government has issued an advisory warning that more than 400 U.S. and international organizations have been attacked with Conti ransomware.
The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) released the advisory. Malicious cyber actors use Conti ransomware to steal sensitive files from domestic and international organizations, encrypt the targeted organizations’ servers and workstations, and demand a ransom payment from the victims.
Conti is considered a ransomware-as-a-service (RaaS) variant; however, its structure differs from the typical affiliate model. It’s likely that Conti developers pay the ransomware deployers a wage rather than a percentage of the proceeds used by affiliate cyber actors. In addition, they get a share of the proceeds from a successful attack.
The joint advisory recommends mitigations for network defenders. Those include updating your operating system and software, requiring multifactor authentication (MFA) and implementing network segmentation.
Robert Golladay is Illusive’s EMEA and APAC director. He said the escalation in Conti ransomware attacks isn’t surprising.
“We continue to see it distributed through TrickBot infections,” he said. “Threat actors are constantly stepping up their game and improving their tools to increase their success rate, and then sharing what works. They effectively operate a GitHub for attackers, sharing code once they’ve been successful with a technique. Once an attacker is in the network, which inevitably will happen, it won’t take them long to move laterally to target ‘crown jewels.'”
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.