Share this article

Latest news

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

CISA releases advisory on Black Basta ransomware that targeted 500 industries, including the recent Ascension attack

The healthcare sector remains the prime target of threat actors

3 min. read

Published onMay 13, 2024

published onMay 13, 2024

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

CISA, in collaboration with the FBI(Federal Bureau of Investigation), HHS(Department of Health and Human Services), and MS-ISAC(Multi-State Information Sharing and Analysis Center), recently released an advisory on theBlack Bastaransomware highlighting the attack details and mitigations.

According to theCISA’s advisory, threat actors usedBlack Bastato encrypt and steal data from 12 of the 16 critical industries. This includes theHealthcare and Public Health (HPH)sector.

New#StopRansomwareadvisory provides recently observed#IOCs&#TTPson Black Basta. With our partners@FBI,@HHSGov, &@CISecurity’s MS-ISAC, we published actionable information to help all orgs identify & protect against this ransomware activity:https://t.co/Z5MfWNcVAvpic.twitter.com/DR8IlJaSfY

DescribingBlack Basta, the advisory reads,

The advisory also delves into the modus operandi of theBlack Bastaaffiliates. It suggests that threat actors first breach the systems through known vulnerabilities, then both extract and encrypt the data, forcing organizations to cede to their demands.

The ransom amount is not shared right away, but affected organizations are instructed to contact theBlack Bastaaffiliates through a.onionlink, which is only accessible via theTorbrowser. Then, affected parties have 10-12 days to pay the ransom or risk having the data posted on theBlack Basta TORwebsite.

Amongst all the industries, healthcare remains the primary target for threat actors linked to theBlack Bastaransomware due to the critical information involved and the scale of disruption it causes, the Ascension attack being a recent example. It led to the non-profit diverting ambulances from hospitals following the attack, according toCNN.

Ascension didn’t share any more information about the attack but confirmed working alongside the FBI and CISA to ascertain the extent of the attack and identify if any personal information was compromised.

Although the CISA advisory didn’t directly connect Black Basta affiliates with the Ascension attack, reports suggest that threat actors linked to the ransomware were responsible.

Previously, theUnitedHealth Groupfaced a similar attack and had paid $22 million to threat actors in a bid to protect the user’s data. It was one of the biggest attacks in recent times, affecting a third of Americans, according toCNN.

Mitigations against Black Basta ransomware shared by CISA

Mitigations against Black Basta ransomware shared by CISA

The joint advisory by CISA and FBI lists a series of mitigations that will help protect the systems against theBlack Bastaransomware.

Cyber attacks have increased exponentially in recent years, primarily due to AI reaching into the hands of threat actors. WhileMicrosoft has committed to safeguarding AI from threat actors, the situation on the ground is different.

We will have to wait and see what impact the CISA’sBlack Bastaransomware advisory has and whether it leads to fewer attacks in the coming days.

What do you think? Share with our readers in the comments section.

More about the topics:security threats

Kazim Ali Alvi

Windows Hardware Expert

Kazim has always been fond of technology, be it scrolling through the settings on his iPhone, Android device, or Windows PC. He’s specialized in hardware devices, always ready to remove a screw or two to find out the real cause of a problem.

Long-time Windows user, Kazim is ready to provide a solution for your every software & hardware error on Windows 11, Windows 10 and any previous iteration. He’s also one of our experts in Networking & Security.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Kazim Ali Alvi

Windows Hardware Expert

Kazim is specialized in hardware devices, always ready to remove a screw or two to find out the real cause of a problem.