Three weeks to secure vulnerable systems
Federal Civilian Executive Branch Agencies (FCEB) agencies must secure their systems against all vulnerabilities added to CISA’s catalog of Known Exploited Vulnerabilities, according to a November 2021 binding operational directive (BOD 22-01).
On Thursday, CISA gave FCEB agencies three weeks, until July 4, to patch the CVE-2024-26169 security and thwart ransomware attacks that could target their networks.
Although the directive only applies to federal agencies, the cybersecurity agency also strongly urged all organizations to prioritize fixing the flaw, warning that “These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.”
Black Basta emerged as a Ransomware-as-a-Service (RaaS) operation two years ago, in April 2022, after the Conti cybercrime gang split into multiple factions following a series of embarrassing data breaches.
Since then, the gang has breached many high-profile victims, including German defense contractor Rheinmetall, U.K. technology outsourcing company Capita, the Toronto Public Library, the American Dental Association, government contractor ABB, Hyundai’s European division, Yellow Pages Canada, and U.S. healthcare giant Ascension.
CISA and the FBI revealed that Black Basta ransomware affiliates have hacked over 500 organizations until May 2024, encrypting systems and stealing data from at least 12 U.S. critical infrastructure sectors.
According to research from Corvus Insurance and cybersecurity company Elliptic, Black Basta collected at least 0 million in ransom payments from over 90 victims until November 2023.
