Today, CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) released updates to #StopRansomware: BianLian Ransomware Group on observed tactics, techniques, and procedures (TTPs) and indicators of compromise attributed to data extortion group, BianLian.

The advisory, originally published May 2023, has been updated with additional TTPs obtained through FBI and ASD’s ACSC investigations and industry threat intelligence as of June 2024.

BianLian is likely based in Russia, with Russia-based affiliates, and has affected organizations in multiple U.S. critical infrastructure sectors since June 2022. They have also targeted Australian critical infrastructure sectors, professional services, and property development.

CISA and partners encourage infrastructure organizations and small- to medium-sized organizations implement mitigations in this advisory to reduce the likelihood and impact of BianLian and other ransomware incidents. These mitigations align with the Cross-Sector Cybersecurity Performance Goals developed by CISA and the National Institute of Standards and Technology.

This advisory is part of CISA’s ongoing #StopRansomware effort.Â

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Federal government affected by Russian breach of Microsoft

April 4, 2024 0 Comments 0 tags

The Cybersecurity and Infrastructure Security Agency issued an emergency directive this week to address the impact on federal agencies from a breach of Microsoft carried out by a hacking unit

SolarWinds Urges Upgrade After Revealing Critical RCE Bug

August 15, 2024 0 Comments 0 tags

SolarWinds has discovered and fixed a critical remote code execution vulnerability in Web Help Desk

Cyber-Insurance Premiums Decline as Firms Build Resilience

July 1, 2024 0 Comments 0 tags

Insurance broker Howden says premiums are falling as security best practice takes hold