Week’s top ransomware: ALPHV/BlackCat bounty, Cisco exploit and more

1 min read

Ransomware This Week Summary


Key Points:

  • Ransomware attacks on U.S. local governments continue to be a significant threat in 2024
  • Vulnerabilities remain a common entry point for ransomware attacks, with the exploitation of a high-severity Cisco vulnerability by the Akira ransomware group

Ransomware This Week: ALPHV/BlackCat Bounty, Cisco Exploit, and More

Ransomware attackers targeted multiple local U.S. governments in 2024, adding to the growing concern of cybersecurity threats. According to research by Chainalysis, ransom payments exceeded $1 billion for the first time in 2023, highlighting the lucrative nature of these attacks. Sophos reported that 66% of organizations experienced ransomware attacks in 2022 and 2023, indicating a steady rate of attacks.

In February 2024, some of the top ransomware news included the FBI disrupting the ALPHV/BlackCat ransomware gang, with the group allowing its affiliates to target critical infrastructure in retaliation. The U.S. Department of State offered a $10 million bounty on ALPHV/BlackCat leaders and $5 million for information leading to the arrest of affiliates. Exploitation of vulnerabilities was a common entry point for ransomware attacks, with the U.S. CISA adding a high-severity Cisco vulnerability to its Known Exploited Vulnerabilities Catalog.

RansomHouse Group introduced a new ransomware tool called “MrAgent” targeting VMware ESXi servers, while U.S. government offices and Romanian hospitals faced significant ransomware attacks. U.S. counties and a state law office paid substantial ransoms to recover from attacks, with sensitive data being leaked and systems offline for an extended period. Romanian hospitals had to take systems offline due to a ransomware attack on the Hipocrate IT platform.

Overall, the ongoing threat of ransomware attacks, coupled with the exploitation of vulnerabilities and significant ransom payments, highlights the need for organizations to prioritize cybersecurity measures to protect against these evolving threats.

Previous Story

US crushes Russian botnet in victorious cyber battle

Next Story

Europe and Latin America unite for enhanced cybersecurity cooperation

Latest from News

US sanctions Kaspersky Lab for Russia ties

TLDR: The Biden administration announced sanctions against 12 executives and senior leaders of Kaspersky Lab, a Russia-based cybersecurity company. The Commerce Department banned Kaspersky