A new FBI report has revealed that at least 52 critical national infrastructure (CNI) entities have been compromised by a ransomware variant.

The FBI has claimed that organisations across 10 CNI sectors had been impacted as of January this year.

Key sectors include manufacturing, financial services, government and IT.

A prolific ransomware variant has compromised at least 52 critical national infrastructure (CNI) entities, a new FBI report has revealed.

The group has changed its tools, techniques and procedures (TTPs) in an attempt to stay hidden, but the Feds have revealed that the group typically uses VMProtect, UPX and custom packing algorithms, deploying a custom Windows XP virtual machine on the victim’s site.

“RagnarLocker iterates through all running services and terminates services commonly used by managed service providers to remotely administer networks. The malware then attempts to silently delete all Volume Shadow Copies, preventing user recovery of encrypted files,” the report explained.

The post US critical infrastructure hit by ransomware appeared first on IT Security Guru.
