The FBI, CISA and Australian Cyber Security Centre alert as BianLian shifts tactics

The FBI, CISA and Australian Cyber Security Centre alert as BianLian shifts tactics

The FBI, CISA and Australian Cyber Security Centre have issued an alert as BianLian, a notorious Russian ransomware ring, has seemingly abandoned the ransomware playbook.

The FBI and cyberauthorities warn that the gang is now following a new trend and shifting to data exfiltration-based extortion.

“They shifted primarily to exfiltration-based extortion around January 2023 and shifted to exclusively exfiltration-based extortion around January 2024,” the joint alert by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre reads.

Dr. Darren Williams, CEO and Founder, BlackFog, said: “This continues to be a major trend we have seen through 2024, where 94% of all ransomware now focuses on data exfiltration. This is not a surprise given the value of intellectual property, customer and personal data.

“Data exfiltration allows criminals to leverage multiple pathways to secure payment from direct extortion of the victim or the subject of the data themselves. Even if the victims pay there is considerable evidence this is never deleted, but rather traded on the Dark Web for years to come.

“This underscores the evolving nature of cyberthreats and the need for organisations to adapt their security strategies accordingly. Detection is important as they need to be ready to identify active threats within their network and to stop them quickly, especially when faced with fast-acting ransomware attacks.

“Protection around the data itself is becoming ever more important, to prevent data from being exfiltrated is vital to stop attackers from reaching, achieving, their ultimate goal.”

Browse our latest issue

Intelligent CISO

View Magazine Archive