Security News > 2024 > May > CISA: Black Basta ransomware breached over 500 orgs worldwide
![CISA: Black Basta ransomware breached over 500 orgs worldwide](/static/build/img/news/cisa-black-basta-ransomware-breached-over-500-orgs-worldwide-medium.jpg)
CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024.
"Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, in North America, Europe, and Australia," CISA said.
"The level of sophistication by its proficient ransomware operators, and reluctance to recruit or advertise on Dark Web forums, supports why many suspect the nascent Black Basta may even be a rebrand of the Russian-speaking RaaS threat group Conti, or also linked to other Russian-speaking cyber threat groups."
Defenders should keep operating systems, software, and firmware up-to-date, require phishing-resistant Multi-Factor Authentication for as many services as possible, and train users to recognize and report phishing attempts to mitigate Black Basta ransomware attack risks.
While the federal agencies didn't share what prompted today's advisory, Black Basta was linked this week to a suspected ransomware attack that hit the systems of healthcare giant Ascension, forcing the U.S. healthcare network to redirect ambulances to unaffected facilities.
On Friday, Health-ISAC also issued a threat bulletin warning that the Black Basta ransomware gang "Has recently accelerated attacks against the healthcare sector."
News URL
Related news
- CISA's early-warning system helped critical orgs close 852 ransomware holes (source)
- CISA boss: Secure code is the 'only way to make ransomware a shocking anomaly' (source)
- Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia (source)
- Uncle Sam urges action after Black Basta ransomware infects Ascension (source)
- Windows Quick Assist abused in Black Basta ransomware attacks (source)
- Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware (source)
- Black Basta Ransomware Struck More Than 500 Organizations Worldwide (source)
- Black Basta ransomware gang linked to Windows zero-day attacks (source)
- Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw (source)
- CISA warns of Windows bug exploited in ransomware attacks (source)