Most dual ransomware attacks occur within 48-hour timeframe, FBI warns

Most organizations impacted by ransomware attacks have been noted by the FBI to be experiencing another intrusion involving a different ransomware variant within 48 hours of each other, BleepingComputer reports. Dual ransomware attacks, which mostly involved the LockBit, AvosLocker, Karakurt, Royal, Quantum, Hive, and Diamond ransomware strains, have advanced data encryption and theft, as well as ransom payment-related financial losses among victims, said the FBI in a Private Industry Notification. Aside from conducting dual intrusions, ransomware operations have also improved their attack arsenal with detection bypassing code, according to the FBI. Moreover, double encryption was noted by Coveware co-founder and CEO Bill Siegel to be a long-standing practice among ransomware groups, citing the prevalence of simultaneous MedusaLocker and Globemposter ransomware deployment in attacks. Organizations have been urged by the FBI not only to implement the necessary mitigation measures and conduct comprehensive infrastructure scans but also to leverage remote access solutions and adopt network segmentation.