FBI, NSA Warn Cybersecurity Experts of Impending BlackMatter Ransomware Attacks

U.S. federal security bodies have published a joint advisory for cybersecurity experts, warning of the inevitability of a slew of new ransomware attacks from black hat hacking group BlackMatter – itself born from the ashes of the infamous DarkSide group. The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) are the three agencies involved in the joint advisory, which follows months of scrutiny and investigation surrounding the black hat hacker group. The agencies consider the signs of impending activity to be strong enough that they felt the urge to recommend that businesses bolster their cybersecurity defenses – particularly those tied to user credentials, password security, and multi-factor authentication (MFA).

BlackMatter stands as the result of a regrouping of members previously involved with DarkSide, the infamous hacker group that shuttered operations in May of this year. BlackMatter, like the Desorden hacking group (who have recently attacked Acer), seems to favor attacks on supply-chain players, escalating the repercussions and chaos of their attacks through multiple endpoints. Since it started operating under the new name, BlackMatter has already attacked numerous U.S. critical infrastructure organizations including two U.S. Food and Agriculture Sector cooperatives, as well as private companies such as Olympus.