NSA, FBI, CISA Issue Advisory on 'BlackMatter' Ransomware

Ransomware has become a "national security issue," NSA director said.

Dark Reading Staff, Dark Reading

October 18, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and National Security Agency (NSA) today issued an alert about the infamous BlackMatter ransomware, warning that over the past few months two US food and agricultural companies as well as critical infrastructure organizations have suffered attacks via the malicious code.

The joint advisory — which comes less than a week after the agencies issued one on ongoing attack campaigns against US water and wastewater facilities — includes tactics, techniques, and procedures (TTPs) gleaned from a sample of the BlackMatter ransomware and recommended defenses to prevent and mitigate against infection.

BlackMatter operates a ransomware-as-a-service, so various cybercrime gangs can employ it in attacks. It was recently tied to a ransomware attack suffered by farm services provider New Cooperative, which resulted in the company taking its systems offline.

"The threat of ransomware goes beyond specific impacts to a victim company — it has risen to a national security issue," Rob Joyce, Director of Cybersecurity at NSA, said in a statement. "NSA's technical skills and threat intelligence will continue to support our partners across government and industry to degrade adversary footholds into networks where they launch ransomware. Employing the mitigations in the joint advisory with CISA and FBI will protect networks and mitigate the risk against BlackMatter and other ransomware attacks."

Read more here

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights