The FBI, the National Security Agency (NSA), and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a warning to U.S. organizations to be aware of a specific type of ransomware that has already wreaked havoc on hundreds of groups.
The agencies issued a joint alert specifically warning groups to be on guard against the Conti ransomware variant, with the agencies noting that 400 U.S. and international groups had already fallen victim to Conti.
“The cyber criminals now running the Conti ransomware-as-a-service have historically targeted critical infrastructure, such as the Defense Industrial Base (DIB), prior to Conti campaigns, and the advisory highlights actions organizations can take right now to counter the threat,” Rob Joyce, director of Cybersecurity at NSA, said in a statement Wednesday. “We highly recommend using the mitigations outlined in this advisory to protect against Conti malware and mitigate your risk against any ransomware attack.”
The alert outlined steps that organizations can take to protect against the Conti ransomware variant, which involves cybercriminals using malicious emails, phone calls, or stolen credentials to steal and encrypt information and demand payment from victims to regain access.