Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the neve domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/vhosts/sigmacybersecurity.com/httpdocs/wp-includes/functions.php on line 6114
BlackSuit ransomware - what you need to know - Sigma Cyber Security
Skip to content

BlackSuit ransomware – what you need to know

is a cybercriminal group known as BlackSuit that has claimed responsibility for various ransomware attacks, including breaches at schools in central Georgia and a zoo in Tampa Bay. They recently targeted DePauw University in Indiana, accessing a limited amount of data on specific individuals. BlackSuit has strong links to the Royal and Conti ransomware groups and is considered their direct successor. BlackSuit encrypts files on Linux and Windows systems, changes desktop wallpaper, and drops a ransom note. The decision to pay the ransom is difficult, as it encourages attackers but not paying may result in the release of sensitive information. It is crucial to have hardened defenses in place and follow mitigation guidance provided by the FBI and CISA to protect against ransomware attacks.

Key points:
1. BlackSuit is a cybercriminal group responsible for ransomware attacks, including breaches at schools in Georgia and a zoo in Tampa Bay.
2. They recently targeted DePauw University, accessing a limited amount of data on specific individuals.
3. BlackSuit is believed to be a rebranding of the Royal and Conti ransomware groups.
4. They encrypt files, change desktop wallpaper, and leave a ransom note.
5. The decision to pay the ransom is difficult, as it encourages attackers but not paying may result in the release of sensitive information.
6. It is crucial to have hardened defenses in place and follow mitigation guidance provided by the FBI and CISA to protect against ransomware attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *