FBI Cyber News: Ransomware hits Critical Infrastructure and NFL team
FBI has shared that at least 3 Critical Infrastructure compaies are breached by Blackbyte ransomware. Target industries may include government agencies, financial services, food and agriculture etc. Blackbyte is a ransomware as a service (RaaS) group that encrypts files on windows host systems incluidng physical and virtual servers.
Suspicious ASPX files were discovered on IIS servers with a list of commands the ransomware operators used during the attack.
Simultaneously, the NFL sports team, the San Francisco 49ers have been hit by a ransomware attack, with cyber criminals claiming they stole some of the football team’s financial data.
The ransomware gang BlackByte recently posted some of the purportedly stolen team documents on a site on the dark web in a file marked “2020 Invoices.” The gang did not make any of its ransom demands public or specify how much data it had stolen or encrypted.
The team, which is among the most valuable and storied franchises in the NFL and lost a close playoff game two weeks ago, said in a statement Sunday that it recently became aware of a “network security incident” that had disrupted some of its corporate IT network systems. The 49ers said they’d notified law enforcement and hired cybersecurity firms to assist.
“To date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders,” the team said in a statement, referencing its home stadium.
How to stay safe from such attacks
Rainbow Secure’s cyber risk mitigation team has released following advice following the incident:
- Backups, and Backups with offline copies will help the businesses to come online quickly if hit by such attacks
- Assess, Review and Adjust the permissions of your employees and contractors. Regular Cyber Assessments play key role in staying safe.
- Always store sensitive files and data in secure backend protected by role, and need based permissions augmented by zero-trust strategy.
- Deploy multi-layer protection for your applications and dashboards. Upgrade to modern identity and single sign on solutions like rainbow secure for securing all your business applications.
- Patch your windows and other hosted solutions on time.
For more information on the attack, refer to: https://www.espn.com/nfl/story/_/id/33283115/san-francisco-49ers-network-hit-gang-ransomware-attack-team-notifies-law-enforcement
Book a security consultation with rainbow secure team and discover how to stay secure from cyber attacks, improve user experience, reduce cyber risk liabilities and gain productivity.