"Black Basta Ransomware Victim Count Tops 500"

According to a Joint Cybersecurity Advisory (CSA) issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), the Black Basta ransomware group and its affiliates compromised hundreds of organizations worldwide between April 2022 and May 2024. The advisory claims that Black Basta attacks have impacted more than 500 organizations in North America, Europe, and Australia. They led to the encryption and theft of data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector. It was noted that it is unclear how much money the group has made over the period from its victims, but a November 2023 analysis of Bitcoin transactions estimated over $100m since April 2022. The CSA includes TTPs and IOCs obtained from FBI investigations and third-party reporting, as well as a useful list of mitigations for network defenders designed to help them improve security posture. Black Basta prefers popular initial access techniques, such as phishing and exploitation of known vulnerabilities, before deploying a double extortion model.

Infosecurity Magazine reports: "Black Basta Ransomware Victim Count Tops 500"