A ransomware gang is targeting U.S. critical infrastructure, the FBI has warned, adding that the group, dubbed BlackByte, has so far targeted government facilities, financial services, and food and agriculture critical infrastructure.
“The BlackByte executable leaves a ransom note in all directories where encryption occurs. The ransom note includes the .onion site that contains instructions for paying the ransom and receiving a decryption key. Some victims reported that the actors used a known Microsoft Exchange Server vulnerability as a means of gaining access to their networks,” the FBI explained in a cybersecurity advisory.
TechCrunch cited a cybersecurity expert as saying BlackByte was not the most active ransomware-as-a-service group, but it has increased the frequency of its attacks over the last few months.
“The FBI and USSS advisory states that BlackByte has been deployed in attacks on at least three U.S. critical infrastructure sectors, including government,” Brett Callow from Emsisoft told TechCrunch.
“Interestingly, no such organizations are listed on the gang’s leak site, which could indicate that those organizations paid, that no data was exfiltrated or that BlackByte chose not to release the exfiltrated data,” he said. “That final option is not unlikely: since the arrests of members of REvil, the gangs seem to have become more cautious about releasing data, and especially in the case of U.S. organizations.”
Energy infrastructure is a major target for cybercriminals as proven by last year’s attack that shut down the Colonial pipeline. The Colonial pipeline is the biggest pipeline infrastructure in the United States, running 5,500 miles from Houston to Linden, New Jersey, carrying some 2.5 million barrels of gasoline and diesel daily. It accounts for 45 percent of the gasoline and diesel supply to the East Coast.
The pipeline was restarted after its owner, Colonial Pipeline Co., paid a ransom of some $5 million, some of which the FBI later retrieved from the DarkSide attackers.
By Charles Kennedy for Oilprice.com