BACKGROUND:
It has been reported that CISA sent out an advisory yesterday, centered around the Conti ransomware, providing detailed information for the cybersecurity community about the ransomware group and its affiliates. Both CISA and the FBI said they have seen more than 400 attacks involving Conti’s ransomware targeting US organisations as well as international enterprises. The FBI has previously implicated Conti in attacks on at least 290 organisations in the US. CISA offered a technical breakdown on how the ransomware group’s operators typically function and what steps organisations can take to mitigate potential attacks. CISA noted that while Conti operates a ransomware-as-a-service model, they do so a bit differently than others. Instead of paying affiliates a cut of the earnings that come from ransoms, the group pays the deployers of the ransomware a wage, according to CISA.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
