19 July 2022, Philippines – Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, warned that a new ransomware called BlackCat is attacking Philippine-based organizations in construction and engineering, retail, transportation, commercial services, insurance, machinery, professional services, telecommunication, auto components, and pharmaceutical sectors.
BlackCat is a ransomware family coded in Rust programming language which has numerous native options and is highly customizable, making it easier for malware authors to pivot and individualize attacks. By leveraging this programming language, ransomware attacks can be easily compiled against various operating system architectures of businesses.
The ransomware family surfaced in mid-November 2021 and quickly gained notoriety for its sophistication and innovation. Operating in a ransomware-as-a-service (RaaS) business model, BlackCat was found soliciting for affiliates in known cybercrime forums, offering to allow affiliates to leverage the ransomware and keep 80-90% of the ransom payment. The remainder would be paid to the BlackCat author.
PANW also reported that 94% of organisations across Southeast Asia, including the Philippines, experienced an increase in cybersecurity attacks. As BlackCat poses a new threat in the country, PANW urges companies to secure their networks with the following products and services: Cortex XDR and Nxt-Generation Firewalls (including cloud-delivered security subscriptions such as WildFire).