Black Basta Shows No Signs of Slowing Ransomware Attacks

September 15, 2023

Introduction

A ransomware group called Black Basta continues its reign of terror against organizations in the healthcare, manufacturing and technology sectors. The group has already claimed responsibility for several high-profile attacks, including an attack on a major US healthcare provider that resulted in the theft of patient data.

Ransomware has always been a huge issue online, and groups like this aren’t helping to slow down the epidemic.

What You Should Know About Ransomware

Why is this such a big deal?

Ransomware is one of the most dangers cyber-threats currently out there. If you’re not prepared to recognize traps and respond to an attack, then you could lose more than just your money—you’ll be risking confidential data, too.

It’s important to understand that most ransomware threat actors will never return your stolen files. Most will take the money and data and run. Others will charge a double extortion fee to prevent them from leaking copies of what they saw to the public. That’s exactly what Black Basta does.

The lesson here is to never pay ransomware. If you do find out that one of your devices has been infected, IMMEDIATELY kick start your incident response plan.

Who is Black Basta?

The group at fault is both a ransomware perpetrator and a Ransomware-as-a-Service (RaaS) purveyor. That means they don’t just attack organizations; they also sell the malicious code used to commit their international crimes. Since they first came onto the scene in April 2022, Black Basta has become one of the most prominent international ransomware threat groups. Their victim pool compromises healthcare organizations in the private and public sector, so even groups like the American Dental Association aren’t safe from their attacks.

Although they appear to have originated in Russia, Black Basta has targeted victims in the US, Canada, the UK, Australia, New Zealand and Japan.

Personal health information is highly protected and highly valuable. By launching a malware campaign against particular organizations that hold lucrative information like PHI, they can make more money off of the stolen data.

Once Black Basta ransomware is installed on a victim’s system, it encrypts the victim’s files and demands a ransom payment in exchange for the decryption key. The ransom amount ranges from an average of $100,000 to $500,000. The ransomware not only encrypts sensitive files but uses DNS tampering to lock out the authorized user, too.

Conclusion

Black Basta is still out there, selling their RaaS and executing their malicious attacks around the globe. The more you know about what threats are waiting in cyberspace, the better you can recognize and respond to these attacks when they occur in real life.

Ransomware is no joke. 1.7M attacks happen every day. Do you know what your organization recommends next if you find a suspicious or ominous message popping up on your screen? If not, now is a great time to brush up on ransomware defense before you really need it. You don’t want to be in the middle of trouble when you realize you forget who to notify first!

Black Basta is just one of the many cyber-threat actors out there in the world. Be careful and treat the sensitive data that you handle with the attention and security that you’d want for your own PII.

References

Most Recent Post

Guide to Improving Your Company’s Data Management

Guide to Improving Your Company’s Data Management

Data is the lifeblood of modern businesses. It fuels insights, drives decision-making, and ultimately shapes your company's success. But in today's information age, data can quickly become overwhelming.Scattered spreadsheets, siloed databases, and inconsistent...

“Knowledgeable, reliable and trustworthy”

In addition to being knowledgeable, reliable and trustworthy, he’s very friendly and accessible. Would definitely use his services again.

Nyshie Perkinson

Senior Media Specialist, Center for Biological Diversity

Related Articles

Don’t Risk It! Why You Shouldn’t Skip Vulnerability Assessments

Don’t Risk It! Why You Shouldn’t Skip Vulnerability Assessments

Cyber threats are a perpetual reality for business owners. Hackers are constantly innovating. They devise new ways to exploit vulnerabilities in computer systems and networks.For businesses of all sizes, a proactive approach to cybersecurity is essential. One of the...

7 Common Pitfalls When Adopting Zero Trust Security

7 Common Pitfalls When Adopting Zero Trust Security

Zero Trust security is rapidly transforming the cybersecurity landscape. It moves away from traditional perimeter-based security models. In this approach, every connection attempt is continuously verified before granting resource access.56% of global organizations say...

4 Ways Small Businesses Can Leverage Copilot for Microsoft 365

4 Ways Small Businesses Can Leverage Copilot for Microsoft 365

What are some of the key differentiators that can propel small businesses forward? They include efficiency, productivity, and innovation. Microsoft has expanded the availability of one of its most dynamic tools to SMBs. A tool that can be a real game-changer for...