Security News > 2021 > September > FBI, CISA, and NSA warn of escalating Conti ransomware attacks

CISA, the Federal Bureau of Investigation, and the National Security Agency warned today of an increased number of Conti ransomware attacks targeting US organizations.
The three US federal agencies urge enterprise IT admins to review their organizations' network security posture and implement the immediate actions outlined in the joint advisory to defend against Conti ransomware.
Conti ransomware operators have been behind over 400 attacks that hit US and international entities, according to the three agencies.
"The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation have observed the increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations," the advisory reads.
"In typical Conti ransomware attacks, malicious cyber actors steal files, encrypt servers and workstations, and demand a ransom payment."
Although the DoH blocked Conti from encrypting its systems, the HSE was not as lucky and was forced to take down all IT systems to prevent the ransomware from spreading throughout its network.
News URL
Related news
- CISA and FBI: Ghost ransomware breached orgs in 70 countries (source)
- Medusa Ransomware Strikes 300+ Targets: FBI & CISA Urge Immediate Action to #StopRansomware (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)