FBI, NSA Warn Cybersecurity Experts of Impending BlackMatter Ransomware Attacks

U.S. federal security bodies have published a joint advisory for cybersecurity experts, warning of the inevitability of a slew of new ransomware attacks from black hat hacking group BlackMatter, itself born from the ashes of the infamous DarkSide group. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) are the three agencies behind the joint advisory, which follows months of scrutiny and investigation of the group. The agencies consider the signs of impending activity strong enough to recommend that businesses bolster their cybersecurity defenses, particularly those tied to user credentials, password security, and multi-factor authentication (MFA).

BlackMatter is the result of a regrouping of members previously involved with DarkSide, the infamous hacker group that shuttered operations in May of this year. BlackMatter, like the Desorden hacking group (which recently attacked Acer), seems to favor attacks on supply-chain players, escalating the repercussions and chaos of its attacks through multiple endpoints. Since it started operating under the new name, BlackMatter has already attacked numerous U.S. critical infrastructure organizations, including two U.S. Food and Agriculture Sector cooperatives, as well as private companies such as Olympus.

The advisory goes into further detail on how BlackMatter's ransomware operates, and its cybersecurity considerations for potential targets are derived from that analysis. Having deployed a sample of BlackMatter's ransomware in a secure, investigative environment, the agencies underline the sophistication of BlackMatter's approach, which allows the group to attack both Windows and Linux environments, and even ESXi-based virtual machines, effectively covering all but the more exotic bases of information security.

Francisco Pires
Freelance News Writer

Francisco Pires is a freelance news writer for Tom's Hardware with a soft side for quantum computing.