acm-header
Sign In

Communications of the ACM

ACM News

CISA, FBI, NSA Warn of Increased Attacks Involving Conti Ransomware


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Typing on a keyboard.

The alert comes as U.S. cybersecurity officials face a growing crisis of ransomware attacks that have shut down schools, hospitals, businesses, and local governments, as well as industries critical to U.S. infrastructure.

Credit: Nicolas Asfouri/AFP/Getty Images

The Department of Homeland Security's cybersecurity agency, the FBI and National Security Agency urged organizations in an alert Wednesday to update their systems amid an increase in Conti ransomware attacks.

DHS' Cybersecurity and Infrastructure Security Agency and the FBI reported over 400 attacks using Conti ransomware against mostly U.S. targets. The group primarily runs "double extortion" campaigns in which hackers encrypt and steal files. In the scheme, they demand a ransom from the victim in order to restore access to the systems; if the victim doesn't pay, the actors threaten to leak the stolen data.

At least 16 of the 400 reported attacks targeted U.S. health care providers and first responder networks, the FBI reported in May.

The Conti ransomware gang has already been linked to several major attacks this year. In June the gang stole roughly 18,000 files from the Tulsa police, leaking some after the city refused to pay. Conti ransomware also caused a weeks-long disruption to Ireland's public health system earlier this year.

"Americans are routinely experiencing real-world consequences of the ransomware epidemic as malicious cyber actors continue to target large and small businesses, organizations, and governments," said Eric Goldstein, CISA's executive assistant director for cybersecurity.

From CyberScoop
View Full Article

 


 

No entries found