Subscribe to receive Urgent Communications Newsletters
Catch up on the latest tech, media, and telecoms news from across the critical communications community
Black Basta ransomware is toying with critical-infrastructure providers, authorities say
David Jones / Cybersecurity Dive
May 15, 2024
1 Min Read
Black Basta ransomware has targeted healthcare and other critical infrastructure providers in recent months, impacting more than 500 organizations around the world as of this month, the FBI and Cybersecurity and Infrastructure Security Agency warned Friday in a joint advisory with the Department of Health and Human Services and MS-ISAC. The alert comes just after a ransomware attack hit Ascension, a major healthcare provider that was forced to divert patients last week.
Black Basta ransomware has targeted 12 of the 16 government designated critical infrastructure sectors. Federal authorities have also linked the ransomware-as-a-service group to exploitation of critical vulnerabilities in ConnectWise ScreenConnect since February.
Black Basta is using a social-engineering campaign to target managed detection and response security tool users, according to research released Friday by Rapid7. Users have been prompted to download remote management tools, such as AnyDesk or Microsoft’s Quick Assist feature.
Dive Insight:
The warnings come amid a string of escalating attacks against hospitals and public health organizations.
Black Basta was previously linked to threat activity involving exploitation of critical vulnerabilities in ConnectWise ScreenConnect. Researchers from Trend Micro linked Black Basta to exploitation of CVE-2024-1709, a critical vulnerability with a CVSS score of 10.
To read the complete article, visit Cybersecurity Dive.
