BlackCat is a new cyber threat that first surfaced in the latter half of 2021. Since then it has caused a lot of trouble. It is a type of ransomware, an attack that blocks access to a network until the victim pays a ransom.
BlackCat is most frequently used as RaaS (Ransomware-as-a-Service), which means that an interested party hires the services of a hacking team, which uses its tools to perform the malicious attack. In this article we will explain why the BlackCat ransomware is particularly dangerous and how you can prepare for this threat.
The Dangers of BlackCat Ransomware
This attack is performed in the following way: Hackers exploit vulnerabilities in outdated firewall/VPN devices. Then they breach the internal systems, using the firewall as a foothold.
What is different about this new type of ransomware is that it is written in the Rust programming language. In fact, it is one of the first ransomware attacks that was written in this modern language. That makes it more difficult to detect, especially if the victim organization uses more traditional security solutions.
Furthermore, BlackCat attacks have been executed using different techniques and tactics, which is why two BlackCat attacks can be very different from each other. This ransomware can infect a system through various entry points.
The malicious actors who use these attacks usually apply the double extortion method: they block access to a system and also threaten to sell the victim's data to third parties, pressuring the victim even more to pay the ransom.
Interestingly, teams that specialize in BlackCat attacks use effective marketing on anonymous websites created for this purpose. They post advertisements for the ransomware and promote its capabilities, trying to sell it as RaaS. BlackCat ransomware has troubled many companies lately in America, Europe, Asia and Africa. Some of them are high profile, namely two German oil companies, a Luxembourg power company and a European pipeline and energy supplier.
The invention of the BlackCat ransomware is proof that as technology keeps progressing, so do cyber threats. BlackCat attacks are very dangerous, because they are new and different from each other and it is difficult for a company to prevent them on their own.
At Logstail, we offer the full range of services required to effectively mitigate these types of attacks. Incident response and consulting, penetration testing, and red team operations all aim to help our customers mitigate their cyber incidents.
On top of this, we offer our customers our brand-new platform! Our cloud-hosted solution with advanced features puts centralized monitoring in your hands. Convert your data into actionable insights and maximize the performance of your infrastructure, or be notified of potential problems and take the appropriate actions. Sign up for a free demo to realize the power of Logstail!