Updated: Conti Ransomware

03/09/2022 06:42 AM EST

Original release date: March 9, 2022

CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. Conti cyber threat actors remain active and reported Conti ransomware attacks against U.S. and international organizations have risen to more than 1,000. 

CISA, the FBI, NSA, and the USSS encourage organizations to review AA21-265A: Conti Ransomware, which includes new indicators of compromise, for more information. See Shields Up and StopRansomware.gov for ways to respond against disruptive cyber activity.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Conti Ransomware 

09/22/2021 01:00 PM EDT

Original release date: September 22, 2021

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) alerting organizations of increased Conti ransomware attacks. Malicious cyber actors use Conti ransomware to steal sensitive files from domestic and international organizations, encrypt the targeted organizations’ servers and workstations, and demand a ransom payment from the victims.

CISA, FBI, and NSA encourage network defenders to examine their current cybersecurity posture and apply the recommended mitigations in the joint CSA, which include:  

  • Updating your operating system and software, 
  • Requiring multi-factor authentication, and  
  • Implementing network segmentation.

Additionally, review the U.S. government resource StopRansomware.gov for more guidance on ransomware protection, detection, and response.

This product is provided subject to this Notification and this Privacy & Use policy.