Skip to content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Ransomware Group Known as ‘Royal’ Rebrands as BlackSuit and Is Leveraging New Attack Methods

    The ransomware threat group formerly known as “Royal” has rebranded itself as BlackSuit and updated their attack methods, warns the FBI.

    The latest advisory from the FBI on ransomware threat group BlackSuit, is actually an updated 18-month-old advisory originally released to warn organizations about the threat group Royal.

    It appears that the group has rebranded, according to the advisory, and has updated their methods of attack.

    According to the advisory, BlackSuit heavily relies on “RDP and legitimate operating system tools” and legitimate RMM solutions for lateral movement. They also have evolved their discovery techniques to include legitimate tools like SoftPerfect NetWorx to enumerate networks.

    Historically, Royal’s ransoms ranged from $1 million to $10 million. With the rebrand as BlackSuite, the largest ransom has jumped to $60 million. In total, BlackSuit has demanded over $500 million in ransoms – including both extortion and encryption ransoms.

    The FBI highlights that BlackSuit gains their initial access through phishing, compromised RDP, public-facing applications, and brokers. But it should be also noted that the advisory makes it clear that “phishing emails are among the most successful vectors for initial access by BlackSuit threat actors,” indicating that organizations need to increase efforts to stop phishing-based attacks – something security awareness training is designed to help with through continual education to establish user vigilance when interacting with email.

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.


    Free Ransomware Simulator Tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

    Here’s how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 25 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:https://info.knowbe4.com/ransomware-simulator-tool-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top