US Authorities Warn of Rising Threat Posed by AvosLocker Cyberattacks on Critical Infrastructure

US authorities issued a stark warning this week about the escalating threat of cyberattacks targeting critical infrastructure from the notorious ransomware-as-a-service (RaaS) operation known as AvosLocker. As incidents of ransomware attacks continue to surge across various sectors, AvosLocker has emerged as a significant menace, targeting multiple critical industries across the US with a diverse range of tactics, techniques, and procedures (TTPs).

AvosLocker and its Tactics

AvosLocker has demonstrated its ability to infiltrate and disrupt critical infrastructure networks, with recent attacks reported as recently as May. What sets this ransomware group apart is its indiscriminate targeting of operating systems, having successfully compromised Windows, Linux, and VMWare ESXi environments in targeted organizations.

Increasing Ransomware Attacks

The emergence of AvosLocker and other ransomware groups is not an isolated incident; instead, it reflects the broader trend of rising ransomware attacks across various sectors. A report published by the cyber-insurance company Corvus on October 13th revealed a staggering 80% increase in ransomware attacks compared to the previous year, underscoring the urgent need for enhanced cybersecurity measures.

AvosLocker’s Techniques

The success of AvosLocker can be attributed to its adept utilization of living-off-the-land (LotL) tactics, leveraging native Windows tools and functions such as Notepad++, PsExec, and Nltest to conduct multiple actions on remote hosts. Furthermore, AvosLocker affiliates have been observed employing custom web shells to gain network access, as well as relying on PowerShell and bash scripts for lateral movement, privilege escalation, and the disabling of antivirus software.

Goals and Methods of AvosLocker

Once a network has been compromised, AvosLocker’s objectives become twofold: file locking and exfiltration. By encrypting critical files, the group aims to maximize the pressure on victims to fulfill ransom demands. In instances where victims prove uncooperative, AvosLocker resorts to follow-on extortion, threatening the public release of exfiltrated data.

Recommendations for Protection

To fortify critical infrastructure against the looming threat of AvosLocker and its counterparts, the Cybersecurity and Infrastructure Security Agency (CISA) has provided organizations with a comprehensive set of guidelines. It is crucial for critical infrastructure providers to implement standard cybersecurity best practices, such as regularly updating systems and software, conducting thorough vulnerability assessments, and ensuring robust incident response plans are in place.

As ransomware groups like AvosLocker continue to proliferate in terms of their sophistication and reach, organizations must take immediate action to safeguard their critical infrastructure. The warning issued by US authorities underscores the urgency and importance of prioritizing cybersecurity measures and remaining vigilant against evolving threats. Failure to do so may lead to devastating consequences for both organizations and the wider society they serve. By implementing proactive security measures and adhering to best practices, organizations can better defend themselves against the ever-present danger of ransomware attacks.

In an increasingly connected world, the fight against cybercrime is ongoing, and it is imperative that organizations continually adapt and enhance their defenses to prevent, detect, and respond to emerging threats. Through collaboration, information sharing, and investing in robust cybersecurity strategies, it is possible to mitigate the impact of ransomware attacks and safeguard critical infrastructure, bolstering the resilience of our societies in the face of evolving cyber threats.

Explore more

Can Federal Lands Power the Future of AI Infrastructure?

I’m thrilled to sit down with Dominic Jainy, an esteemed IT professional whose deep knowledge of artificial intelligence, machine learning, and blockchain offers a unique perspective on the intersection of technology and federal policy. Today, we’re diving into the US Department of Energy’s ambitious plan to develop a data center at the Savannah River Site in South Carolina. Our conversation

Can Your Mouse Secretly Eavesdrop on Conversations?

In an age where technology permeates every aspect of daily life, the notion that a seemingly harmless device like a computer mouse could pose a privacy threat is startling, raising urgent questions about the security of modern hardware. Picture a high-end optical mouse, designed for precision in gaming or design work, sitting quietly on a desk. What if this device,

Building the Case for EDI in Dynamics 365 Efficiency

In today’s fast-paced business environment, organizations leveraging Microsoft Dynamics 365 Finance & Supply Chain Management (F&SCM) are increasingly faced with the challenge of optimizing their operations to stay competitive, especially when manual processes slow down critical workflows like order processing and invoicing, which can severely impact efficiency. The inefficiencies stemming from outdated methods not only drain resources but also risk

Structured Data Boosts AI Snippets and Search Visibility

In the fast-paced digital arena where search engines are increasingly powered by artificial intelligence, standing out amidst the vast online content is a formidable challenge for any website. AI-driven systems like ChatGPT, Perplexity, and Google AI Mode are redefining how information is retrieved and presented to users, moving beyond traditional keyword searches to dynamic, conversational summaries. At the heart of

How Is Oracle Boosting Cloud Power with AMD and Nvidia?

In an era where artificial intelligence is reshaping industries at an unprecedented pace, the demand for robust cloud infrastructure has never been more critical, and Oracle is stepping up to meet this challenge head-on with strategic alliances that promise to redefine its position in the market. As enterprises increasingly rely on AI-driven solutions for everything from data analytics to generative