The FBI has issued a warning on ransomware operators exploiting vulnerabilities in third-party vendors and services to gain initial access to victim environments. Between 2022 and 2023, multiple ransomware attacks abused gaming vendors to compromise servers of small and tribal casinos and encrypt personal information. The FBI warns of callback-phishing data theft and extortion attacks by the Silent Ransom Group (SRG), also known as Luna Moth. To mitigate the risk, the FBI recommends organizations create backups, review vendor security, secure user accounts, implement phishing-resistant MFA, monitor suspicious activity, disable unused ports and services, and keep systems and applications updated.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.