Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory | CISA
cisa.gov
|
Contributed by: Drex DeFord
Summary
CISA and the FBI have updated their joint Cybersecurity Advisory regarding BlackSuit (Royal) ransomware, providing detailed insights into recent and past tactics, techniques, and procedures (TTPs), as well as indicators of compromise (IOCs). Investigations revealed that BlackSuit ransomware has impacted various critical infrastructure sectors including commercial facilities, healthcare, government, and manufacturing. Network defenders are advised to review this update and implement the recommended mitigations. Additionally, CISA urges software manufacturers to improve security outcomes for customers by adopting secure by design practices, for which comprehensive guidelines are available on CISA’s website.