FBI Says: 400 Organizations Attacked By Conti Ransomware

The cybercriminals behind the Conti ransomware have attacked more than 400 organizations worldwide, 290 of which are located in the United States, the FBI said. The victims include healthcare facilities, communities and police forces. Ireland's national health care provider HSE was recently a victim of the Conti ransomware, which impacted patient services. The group demands amounts of up to 25 million euros for the decryption of files.

To access their victims' networks, the Conti group uses well-known methods such as links in email messages pointing to malware, infected email attachments and stolen RDP credentials. On average, the attackers spend between four days and three weeks on the network before rolling out the ransomware. When the attacked organization has not responded to the group's demands two to eight days after the ransomware's rollout, it is common for the attackers to call the victim, the FBI said in a warning (PDF).

The agency asks victims to share information about the group when possible, such as bitcoin addresses used, the decryption tool provided and IP addresses. The FBI also makes recommendations to prevent such attacks. For example, it recommends disabling hyperlinks in incoming e-mail and adding a banner to e-mails that originate from outside the organization. Organizations are also advised to focus on cyber security awareness and staff training.
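
The two e-mail recommendations above can be sketched as a filter applied to inbound mail. This is an added example, not code from the FBI warning or from this article; the domain list, banner text and function names are assumptions chosen for illustration, and the sender check trusts the From header for brevity.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

INTERNAL_DOMAINS = {"example.org"}   # assumption: the organization's own mail domains
BANNER = "[EXTERNAL] This message came from outside the organization."
URL_RE = re.compile(r"\b(https?)://([^\s<>\"']+)", re.IGNORECASE)

def is_external(msg):
    # Simplification: trusts the From header. A real gateway should decide on
    # the envelope sender and SPF/DKIM/DMARC results, since From is forgeable.
    address = parseaddr(msg.get("From", ""))[1]
    return address.rpartition("@")[2].lower() not in INTERNAL_DOMAINS

def defang(text):
    # http://host.tld/x -> hxxp://host[.]tld/x : still readable, not clickable
    def rewrite(match):
        scheme = match.group(1).lower().replace("tt", "xx")
        host, slash, path = match.group(2).partition("/")
        return f"{scheme}://{host.replace('.', '[.]')}{slash}{path}"
    return URL_RE.sub(rewrite, text)

def strip_html_links(html):
    # Unwrap <a ...>label</a> so only the label remains, then defang what is left
    html = re.sub(r"</?a\b[^>]*>", "", html, flags=re.IGNORECASE)
    return defang(html)

def harden(raw):
    """Return the parsed message with links disabled and, if external, a banner."""
    msg = message_from_string(raw, policy=policy.default)
    external = is_external(msg)
    for part in msg.walk():
        ctype = part.get_content_type()
        if part.is_multipart() or ctype not in ("text/plain", "text/html"):
            continue
        if part.get_content_disposition() == "attachment":
            continue  # attachments are left to the malware scanner
        body = part.get_content()
        if ctype == "text/html":
            body = strip_html_links(body)
            if external:
                body = f"<p><b>{BANNER}</b></p>" + body
        else:
            body = defang(body)
            if external:
                body = BANNER + "\n\n" + body
        part.set_content(body, subtype=ctype.split("/")[1])
    return msg
```

Links are disabled for every incoming message, while the banner is added only when the sender's domain is not in `INTERNAL_DOMAINS`.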

