General Advisory: Several Recent Ransomware Attacks

Ransomware is a form of malware designed to encrypt files on a device to render them unusable until a ransom is paid for a decryption key. Ransom DDoS attacks involve overwhelming public servers with large volumes of traffic to bring them offline until a ransom is paid.

Several recent ransomware attacks have made headlines, including attacks on JBS (a global meat processor), Colonial Pipeline (a top US fuel pipeline), CNA financial (a large US insurance company), and Bose (an audio electronics manufacturer).

Administrators are urged to review ransomware guidance, follow best practices for preventing ransomware attacks, ensure that data is backed up regularly, and create a continuity plan to follow in case a ransomware attack occurs.

Important resources:
CISA.gov Ransomware Guidance and Resources
CISA.gov Fact Sheet: Rising Ransomware Threat to Operational Technology Assets
FBI Ransomware Guidance

Important news:
Global meat processor JBS shuts part of operation to blunt cyberattack fallout
Three takeaways from the Colonial Pipeline attack
One of the US’s largest insurance companies reportedly paid $40 million to ransomware hackers
Bose Admits Ransomware Hit: Employee Data Accessed
Exchange Servers Targeted by ‘Epsilon Red’ Malware