CISA, FBI, and NSA Note Increase in Conti Ransomware Attacks in Advisory

The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA have released a Joint Cybersecurity Advisory (CSA) on the Conti ransomware, noting they have observed the increased use of this malware in attacks. The advisory contains technical details on the malware; it also maps the malware’s techniques to the MITRE ATT&CK framework. Additionally, it discusses mitigation measures to reduce the risk of compromise by the Conti ransomware. For this, it highlights immediate actions to take now to protect against Conti, which include using multi-factor authentication, segmenting and segregating networks and functions, and updating operating systems and software. To report suspicious or criminal activity related to information found in advisory, contact your local FBI field office at www.fbi.gov/contact-us/field-offices, or the FBI’s 24/7 Cyber Watch (CyWatch) at(855) 292-3937 or by e-mail at Cy*****@*bi.gov. If you have any further questions, or to request incident response resources or technical assistance related to these threats, contact CISA at CI*************@******hs.gov. Read the advisory at CISA or below.