The Cybersecurity and Infrastructure Security Agency and the FBI have released a joint cybersecurity advisory warning organizations against a ransomware variant that targets the critical infrastructure sector.
The CSA outlines indicators of compromise and tactics, techniques and procedures associated with the Snatch ransomware variant identified through recent FBI investigations, CISA said Wednesday.
Snatch is a ransomware-as-a-service operation that uses data exfiltration and double extortion to target a wide range of critical infrastructure sectors, including the defense industrial base.
According to the agencies, Snatch operators have changed their tactics based on current trends in the cybercriminal space and the successes of other ransomware operations.
The FBI and CISA recommended that organizations review the CSA and implement best practices to mitigate Snatch ransomware attacks.
