THREAT ACTOR: BlackCat / ALPHV
BlackCat extorts money from targeted organizations by stealing sensitive data and threatening to release it publicly, and encrypting systems. But BlackCat goes one stage further and also threatens to launch a distributed denial-of-service (DDoS) attack if its demands are not met.
This technique is known as “triple extortion.”
BlackCat has gained traction since late 2021 by offering payouts to its affiliates of up to 90%.
Incidents Associated with this Threat
- Blackcat / ALPHV Ransomware Attack Hits Luxembourg-based Critical Infrastructure Companies July 22, 2022:
- Energy Supplier Entega’s Customer Data Posted on the Dark Web after Ultimatum Expired June 12, 2022:
- April 20, 2022: Unidentified Automotive Supplier Breached Three Times within Two Months
- February 3, 2022: Ransomware Attack at Swiss Airport Services Firm
- January 29, 2022: German Oil Tank Farm Shut Down