CISA and the FBI have updated their joint Cybersecurity Advisory regarding BlackSuit (Royal) ransomware, providing detailed insights into recent and past tactics, techniques, and procedures (TTPs), as well as indicators of compromise (IOCs). Investigations revealed that BlackSuit ransomware has impacted various critical infrastructure sectors including commercial facilities, healthcare, government, and manufacturing. Network defenders are advised to review this update and implement the recommended mitigations. Additionally, CISA urges software manufacturers to improve security outcomes for customers by adopting secure by design practices, for which comprehensive guidelines are available on CISA’s website.

Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory | CISA cisa.gov

Rick Pollack, CEO of the American Hospital Association (AHA), compared cybercrime to a "chronic disease" in his August 8 statement, advocating for enhanced safeguards and federal collaboration to manage its risks. The healthcare industry faces persistent cyberattacks, as seen in the ransomware incidents involving Change Healthcare and OneBlood. In response, the AHA provides cybersecurity alerts, preparedness plans, and tech company support. Pollack emphasized the need for shared responsibility between the healthcare sector and government, calling for greater federal intelligence sharing and disruption of cyber threats. He also urged the Biden administration to align cybersecurity regulations with the Department of Health and Human Services' voluntary approach and to provide more resources and third-party standards for healthcare systems.

Cybercrime is like a 'chronic disease,' AHA leader says Becker's Hospital Review

The US Cybersecurity and Infrastructure Security Agency (CISA) has launched the "Secure by Design" initiative in 2023, now urging software consumers to adopt a "Secure by Demand" approach. CISA Director Jen Easterly emphasized at Black Hat USA the role of organizations in promoting Secure by Demand by using their purchasing power to prioritize software security. A new Secure by Demand Guide provides questions and resources to help organizations evaluate the cybersecurity practices of software manufacturers. In May, a Secure by Design pledge was introduced, with nearly 200 software manufacturers committing to improved security practices. CISA is actively tracking and promoting the progress of these manufacturers to reduce vulnerabilities and improve security across the technology ecosystem.

CISA Encourages Organizations to Adopt a 'Secure by Demand' Strategy Infosecurity Magazine

The FBI and Cybersecurity and Infrastructure Security Agency (CISA) have issued an updated advisory warning about the rebranded BlackSuit ransomware group, formerly known as Royal Ransomware. This group has extorted victims for as much as $60 million, with total demands reaching $500 million. The advisory provides updated tactics, techniques, procedures, and indicators of compromise to help cybersecurity defenders. BlackSuit primarily gains access through phishing and disables security protections to exfiltrate data before deploying ransomware. Notably, their ransom demands involve direct dark web contact and aggressive extortion tactics. The FBI recommends mitigation measures including strong password policies, timely patching, multi-factor authentication, and network segmentation.

FBI Issues Warning As ‘Men In Black’ Hackers Demand $60 Million Ransom Forbes