San Francisco 49ers hit with ransomware attack


The advisory says ransomware had “compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors” since November.

And “Recommends immediate actions that can be taken now include ensuring timely patching of all operating software; implementing a user training program that includes recognizing and reporting suspicious emails; securing and monitoring remote desktop protocol, if used; and maintaining an offline backup of your data.”

BlackByte is a ransomware-as-a-service group. That means it’s decentralized, with independent operators or gangs developing the malware. Then the groups are hacking into organizations and collecting ransoms in the millings.  And ransomware groups are becoming increasingly professionalized.