Original release date: May 11, 2021
CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against a critical infrastructure (CI) company.
Cybercriminal groups use DarkSide to gain access to a victim’s network to encrypt and exfiltrate data. These groups then threaten to expose data if the victim does not pay the ransom. Groups leveraging DarkSide have recently been targeting organizations across various CI sectors including manufacturing, legal, insurance, healthcare, and energy.
Prevention is the most effective defense against ransomware. It is critical to follow best practices to protect against ransomware attacks, which can be devastating to an individual or organization and recovery may be a difficult process. In addition to the Joint CSA, CISA and FBI urge CI asset owners and operators to review the following resources for best practices on strengthening cybersecurity posture:
Victims of ransomware should report it immediately to CISA, a local FBI Field Office, or a Secret Service Field Office.
This product is provided subject to this Notification and this Privacy & Use policy.
Systems Affected Applications that process JPEG images on Microsoft Windows, including but not limited to…
Systems Affected This vulnerability affects the following Microsoft Windows operating systems by default: Microsoft Windows…
CISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy,…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA and the Australian Signals Directorate’s Australian Cyber Security Centre, in collaboration with federal and international…
This website uses cookies.