Ransomware, Threat Intelligence
Evolving BianLian ransomware attack strategies detailed
Share
Intrusions by the BianLian ransomware operation during the past year have been refocused on specific targets and involved new attack techniques, according to SiliconAngle.
Despite initially gaining notoriety in expansive attacks around the world two years ago, BianLian has since primarily targeted organizations in the U.S. and Europe, especially those in the healthcare and manufacturing industries, a report from Palo Alto Networks' Unit 42 researchers revealed.
BianLian has also opted to concentrate on data exfiltration attacks in 2023, representing a pivot from the ransomware group's previous inclination to double extortion intrusions. Stolen remote desktop protocol credentials, vulnerability exploits, and numerous other methods have been leveraged by BianLian to achieve initial systems compromise, which would then be followed lateral movement and persistence techniques, as well as the deployment of a custom .NET tool allowing data exfiltration activities, researchers said.
The findings should prompt the adoption of extended detection and response and other security systems, as well as extensive cybersecurity training for employees, added researchers.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Related Terms
Business Email Compromise (BEC)Deauthentication AttackDeepfakeDictionary AttackDistributed ScansDomain HijackingDumpster DivingGoogle HackingHybrid AttackPassword CrackingGet daily email updates
SC Media's daily must-read of the most current and pressing daily news