BlackSuit is a sophisticated ransomware operation that has emerged as a significant threat in the cybersecurity landscape. Its tactics and high-profile targets make it formidable, and defending against it requires vigilance and robust defensive measures.
BlackSuit has successfully hit several public and private sector organizations, including:
- Education organizations
- Local governments
- Businesses across the United States
Attack Methods:
- BlackSuit primarily uses phishing emails for initial access.
- After gaining access, the group deactivates antivirus software and uses remote monitoring and management software for persistence.
- The ransomware operators exfiltrate data before encrypting files, employing a double extortion strategy.
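The sequence described above (antivirus deactivated, then remote monitoring and management software used for persistence) lends itself to a simple correlation rule. The following is an added example, not code from the FBI/CISA advisory or from DataLink; the event schema, host names, tool names, allow-list and four-hour window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical normalized schema:
# (ISO timestamp, host, event_type, detail). Not real telemetry.
SAMPLE_EVENTS = [
    ("2024-08-01T09:02:11", "ws-014", "av_disabled", "real-time protection off"),
    ("2024-08-01T09:20:45", "ws-014", "rmm_installed", "example-rmm-agent"),
    ("2024-08-01T10:00:00", "srv-002", "rmm_installed", "approved-rmm-agent"),
    ("2024-08-01T11:15:00", "ws-031", "av_disabled", "real-time protection off"),
    ("2024-08-02T15:30:00", "ws-031", "rmm_installed", "example-rmm-agent"),
]

# Assumption: the organization keeps an allow-list of sanctioned RMM tools.
APPROVED_RMM = {"approved-rmm-agent"}
# Assumption: how long after AV tampering an RMM install is treated as linked.
WINDOW = timedelta(hours=4)


def find_suspicious_rmm(events, window=WINDOW, approved=APPROVED_RMM):
    """Flag unapproved RMM installs; raise severity when the same host
    had its antivirus disabled shortly beforehand."""
    last_av_off = {}  # host -> time of most recent av_disabled event
    alerts = []
    for ts, host, etype, detail in sorted(events):  # ISO strings sort by time
        when = datetime.fromisoformat(ts)
        if etype == "av_disabled":
            last_av_off[host] = when
        elif etype == "rmm_installed" and detail not in approved:
            off = last_av_off.get(host)
            linked = off is not None and when - off <= window
            alerts.append({
                "host": host,
                "tool": detail,
                "rmm_installed": ts,
                "av_disabled": off.isoformat() if linked else None,
                "severity": "high" if linked else "medium",
            })
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_rmm(SAMPLE_EVENTS):
        print(alert)
```

In the sample data, the approved agent on srv-002 is ignored, while the install on ws-031 is still reported at lower severity because the antivirus change on that host falls outside the window.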
Ransom Demands:
- BlackSuit’s ransom demands have exceeded $500 million in total since its emergence.
- Individual ransom amounts typically range from $1 million to $10 million in Bitcoin, with some demands reaching up to $60 million.
The FBI and CISA have provided a comprehensive advisory with recommended mitigations for network defenders:
StopRansomware: BlackSuit (Royal) Ransomware Advisory
If you need help closing your cybersecurity gaps, DataLink is here to help.