A infamous ransomware group has demanded greater than half a billion {dollars} from victims in lower than two years.
That staggering statistic has been made public in an update to a joint advisory issued by the US Cybersecurity and Infrastructure Company (CISA) and the FBI, warning organisations in regards to the menace posed by the BlackSuit gang.
BlackSuit, confirms the advisory, is an evolution of the Royal ransomware which made headlines attacking victims starting from US healthcare organisations to telecoms firms. Royal was itself born out of the stays of the notorious Russian Conti group.
BlackSuit, like many different ransomware threats, exfiltrates information from compromised corporations after which threatens to publish stolen information on leak websites if a ransom just isn’t paid.
That does not make BlackSuit uncommon. What does make BlackSuit stand out in a crowded scene of rasnomware gangs is the sheer amount of cash it has tried to extort from its many victims.
In response to the CISA/FBI joint advisory:
“Ransom calls for have sometimes ranged from roughly $1 million to $10 million USD, with cost demanded in Bitcoin. BlackSuit actors have demanded over $500 million USD in whole and the most important particular person ransom demand was $60 million.”
The quantity of ransom demanded just isn’t specified within the preliminary ransom observe delivered throughout an assault, however as an alternative is provided when a sufferer makes direct contact with the attacker by way of a hyperlink on the darkish internet.
The advisory notes that there was a rise just lately within the variety of incidents the place victims have obtained electronic mail communications and even phone calls from their attackers whereas negotiating cost.
If BlackSuit feels their sufferer just isn’t going to comply with their calls for, or fails to barter, it should typically publish the sufferer’s information on its leak web site.
Though BlackSuit’s sizeable ransom calls for might strike comprehensible worry into many organisations, the CISA/FBI advisory notes that it has “exhibited a willingness to barter cost quantities.”
In fact, that does not imply that it’s essentially the correct factor to pay your extortionists if you end up the sufferer of a ransomware assault.
Paying a ransom encourages criminals to launch extra assaults sooner or later, and never paying could also be itself incur substantial bills when it comes to rebuilding buyer belief, model repute, and rebuilding relationships with companions.
Being the sufferer of a ransomware assault typically means there isn’t a sensible choice – solely a much less unhealthy one.
Previous victims of the BlackSuit ransomware gang have included East Central University, CDK Global, universities, and even a zoo.