Highly active BianLian ransomware operation, which has claimed attacks against Boston Children’s Health Physicians, Save The Children, and Canada’s Amherstburg Family Health Team, has been suspected by U.S. and Australian law enforcement to have originated from Russia, as well as obtained several affiliates across the country, reports The Record, a news site by cybersecurity firm Recorded Future.
Attacks by the BianLian, which have been completely exfiltration-based extortion since the beginning of the year, have involved the exploitation of Windows and VMware ESXi security vulnerabilities for initial access, with the ransomware gang leveraging various other tools to facilitate lateral movement and data compromise, according to a joint advisory from the FBI, Cybersecurity and Infrastructure Security Agency, and the Australian Cyber Security Centre. “Newer ransomware notes state BianLian group has exfiltrated data and threaten to leak the exfiltrated data if the ransom is not paid,” said the FBI, which noted that the gang has also been contacting employees to pressure their organizations into paying the demanded ransom.
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
© Copyright 2024 CNB Tel. All rights reserved