On February 9, 2022, the FBI, CISA, NSA, the Australian Cyber Security Centre, and the UK National Cyber Security Centre put forth a Joint Statement regarding the increase in sophisticated, high impact, ransomware events against critical infrastructure globally. As per the Joint Statement, the cyber security authorities have observed the following trends across 2021:
- Targeting of cloud environments;
- Targeting of Managed Service Providers (“MSPs”);
- Targeting of industrial processes;
- Targeting of supply chain software;
- Planning and orchestrating attacks for major holidays and weekends; and
- An increase in triple extortion ransomware – comprise of:
- 1) publicly releasing stolen sensitive information;
- 2) disrupting a victim’s access to the internet; and
- 3) contacting the victim’s suppliers or customers to inform them about the incident to shame the victim.
In order to combat these growing threats, the cyber security authorities outline a number of mitigating actions organizations can take to reduce the likelihood and impact of ransomware incidents.
To read the full statement, use the link below.
https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2928709/