CISA Advisory Details Techniques, Processes Used by Black Basta Ransomware

The Cybersecurity and Information Security Agency has released a joint cybersecurity advisory detailing common techniques and procedures used by the Black Basta ransomware group and other affiliates. 

The Black Basta is a ransomware-as-a-service that was first identified in April 2022 and has since targeted critical infrastructure and health care sectors in the United States, Australia and Europe. 

The advisory was issued jointly with the FBI, the Department of Health and Human Services and the Multi-State Information Sharing and Analysis Center, CISA .gov reported.

CISA Director Jen Easterly, a past Wash100 winner and past Potomac Officers Club event speaker, said the previous cyberattacks were “just the tip of the iceberg” with more serious threats coming from the nation’s foreign adversaries, including China and Russia.

Amid the growing number of cyberattacks, Easterly highlighted the need for more funding to ensure the United States remains protected against threats coming from adversaries.

Besides asking for a bigger budget, the agency has also been promoting good practices to improve any organization’s cybersecurity posture. CISA launched the Cyber Hygiene Vulnerability Scanning capability in April, allowing organizations to identify ransomware-related vulnerabilities at an early phase.