BianLian has shifted to encryption-based extortion in 2023, warning victims of financial consequences if they don't pay, reducing technical effort required for attacks.
BianLian, initially targeting critical national infrastructure, has rapidly evolved its tactics and is now exclusively employing less technically intensive extortion methods since January 2024.
The ACSC and CISA emphasize that organizations must implement mitigation strategies to lessen the risks associated with BianLian and similar ransomware threats.
The BianLian ransomware operation has established a reputation for targeting critical infrastructure, utilising stolen RDP credentials to infiltrate and manipulate victim environments.
Collection
[
|
...
]