Federal Civilian Executive Branch Agencies (FCEB) are in a race against time to secure their vulnerable systems. Following a binding operational directive (BOD 22-01) issued in November 2021, these agencies have been mandated to address all vulnerabilities listed in CISA’s catalog of Known Exploited Vulnerabilities. On Thursday, CISA set a new deadline, giving FCEB agencies until July 4 to patch the CVE-2024-26169 security flaw and prevent potential ransomware attacks.
Although this directive specifically targets federal agencies, CISA has strongly recommended that all organizations prioritize fixing this flaw. The agency warned that “These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.”
Black Basta: A Rising Threat
Black Basta, a Ransomware-as-a-Service (RaaS) operation, has been a significant player in the cybercrime world since its emergence in April 2022. The group formed after the Conti cybercrime gang splintered into multiple factions following several high-profile data breaches. Since then, Black Basta has targeted numerous high-profile victims, including:
- German defense contractor Rheinmetall
- U.K. technology outsourcing company Capita
- The Toronto Public Library
- The American Dental Association
- Government contractor ABB
- Hyundai’s European division
- Yellow Pages Canada
- U.S. healthcare giant Ascension
According to CISA and the FBI, Black Basta ransomware affiliates have compromised over 500 organizations as of May 2024. These attacks have resulted in encrypted systems and stolen data from at least 12 U.S. critical infrastructure sectors.
Research from Corvus Insurance and cybersecurity firm Elliptic reveals that Black Basta has amassed at least $0 million in ransom payments from over 90 victims up until November 2023.
The urgency to secure vulnerable systems cannot be overstated. As ransomware attacks continue to evolve and become more sophisticated, organizations must remain vigilant and proactive in addressing vulnerabilities. The clock is ticking for FCEB agencies, but the broader message is clear: cybersecurity is a shared responsibility, and timely action is crucial to safeguarding critical infrastructure and sensitive data.