FBI and CISA Warn of Ongoing Ghost Ransomware Threat to Organizations
HackRead
|
Contributed by: Drex DeFord
Summary
A joint advisory from the FBI, CISA, and MS-ISAC warns of the ongoing threats from Ghost ransomware, active since 2021 and linked to actors in China. The group has impacted organizations across various sectors worldwide, including healthcare and education, primarily for financial gain. The ransomware exploits vulnerabilities in outdated software, using publicly available code to target systems like Fortinet FortiOS and Microsoft Exchange. Once inside, it encrypts files and demands ransoms in cryptocurrency. The advisory also provides indicators of compromise (IOCs) for organizations to help identify potential Ghost ransomware activity.
