Royal ransomware attacks have spread across numerous critical infrastructure sectors including, but not limited to, manufacturing, communications, health care and public health care (HPH) and education.
As a result of these attacks, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware on Thursday, March 2, to provide network defenders tactics, techniques and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as January 2023.
CISA recommendations:
- Prioritize remediating known exploited vulnerabilities.
- Train users to recognize and report phishing attempts.
- Enable and enforce multifactor authentication.
Review the CSA for the full technical details. Additionally, visit StopRansomware.gov for additional guidance on ransomware protection, detection and response.
