The Department of Justice recently announced a “disruption campaign” against the Blackcat ransomware group (aka ALPHV or Noberus), including seizing the group’s darknet website and releasing a decryption tool for victim entities to recover their systems.

Responding in kind, Blackcat “unseized” its darknet site and threatened to expand its range of targets to include hospitals, nuclear power plants, and critical infrastructure. In a statement translated from Russian to English by several cyber news outlets, the Blackcat group stated, “Because of their actions, we are introducing new rules, or rather, we are removing ALL rules, except one, you cannot touch the CIS (critical infrastructure sectors), you can now block hospitals, nuclear power plants, anything, anywhere.”

Healthcare and public business entities (and their respective service providers) should heed this warning. The ransom group also claims it will notify the SEC and the HHS in the event of no initial contact by the victim entity. It has, in the past, lodged at least one complaint with the SEC based on the threat group’s claim that the victim did not report a significant incident.

More information about the malware, including technical information about indicators of compromise and recommendations to mitigate its effects, is available from the FBI at www.ic3.gov/Media/News/2022/220420.pdf.

Additional information regarding law enforcement’s ongoing investigation into Blackcat is available at www.justice.gov/media/1329536/dl?inline.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Cinthia Granados Motley Cinthia Granados Motley

Cinthia Granados Motley is the Director of Dykema’s Global Data Privacy and Information Security practice group. She has an active national and international practice assisting clients implement effective information security practices, address current and emerging regulatory compliance issues, including cross-border data transfer and…

Cinthia Granados Motley is the Director of Dykema’s Global Data Privacy and Information Security practice group. She has an active national and international practice assisting clients implement effective information security practices, address current and emerging regulatory compliance issues, including cross-border data transfer and information governance, as well as litigation readiness and regulatory inquiry matters. She routinely acts as incident response counsel to national and multi-national entities, as well as privacy litigation counsel. In her litigation practice, Cinthia handles consumer and privacy litigation, international contract disputes, directors and officers liability, ERISA, e-discovery and  professional liability matters. She routinely counsels clients in complex commercial disputes both domestically and abroad.

Photo of Dante A. Stella Dante A. Stella

Dante Stella is a creative, logical, and efficient problem solver who focuses his practice on litigation and investigations that involve challenging legal, factual, and data management issues. He also provides non-litigation counseling to clients on information lifecycle management, information infrastructure, and electronic discovery…

Dante Stella is a creative, logical, and efficient problem solver who focuses his practice on litigation and investigations that involve challenging legal, factual, and data management issues. He also provides non-litigation counseling to clients on information lifecycle management, information infrastructure, and electronic discovery readiness planning.