CISA Releases Update to Royal Ransomware Advisory
Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released an update to joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware. The updated advisory provides network defenders with additional information on tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as June 2023.
Royal ransomware attacks have spread across numerous critical infrastructure sectors including, but not limited to, manufacturing, communications, healthcare and public healthcare (HPH), and education.
CISA encourages network defenders to review the updated CSA and to apply the included mitigations. See #StopRansomware for additional guidance on ransomware protection, detection, and response.