The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the FBI have jointly published an advisory that features technical details and an analysis of the BlackMatter ransomware.
BlackMatter, a ransomware-as-a-service tool, has been used in attacks on U.S. critical infrastructure including two organizations in the U.S. food and agriculture sector, NSA said Monday.
The cybersecurity advisory also provides recommendations that organizations can follow to mitigate risks related to BlackMatter. Cyber actors have used BlackMatter with compromised credentials to access networks and block data access via encryption.
“This advisory highlights the evolving and persistent nature of criminal cyber actors and the need for a collective public and private approach to reduce the impact and prevalence of ransomware attacks,” said Eric Goldstein, executive assistant director for cybersecurity for CISA.