The supposedly Chinese ransomware group BianLian reached US recently, targeting Republic Shipping Consolidators. This is a high-profile shipping actor with global reach, involved in Ocean and Air Fright services across the US, Nicaragua, Asia, and Europe.
This recent attack falls in line with the cyber-threat actor’s usual MO. BianLian usually attacks high-profile targets from a variety of fields. These include healthcare, finances, government, education, law, and many others.
The fact that the group is so fearless and indiscriminate suggests that the organization is well financed and extremely powerful. This theory is also supported by BianLian’s ability to upgrade its systems and tools faster than any other ransomware actor.
As recent investigation shows, this is one of the organization’s main strengths: its ability to keep up with the trends and upgrade its tactics and attack vectors accordingly. The group’s operating code is constantly under change.
This type of adaptability recommends BianLian as one of the most powerful organizations in the cyber-criminal world. Despite its active profile, the organization’s structure and operating ladder remains anonymous at this time.
We believe security online security matters and its our mission to make it a safer place.
The group began operating at a low level in 2019, when its first Android iteration came out. However, the program took its current form in July of 2022, when it eventually became rampant and made a name for itself.
BianLian has been using the double-extortion MO since the beginning and with great success according to the latest statistics. It’s unclear how many victims chose to pay the ransom vs. fighting the attacker on their own.
But this is standard with most attacks, as ransomware victims rarely admit to paying the ransom, since this paints them as vulnerable targets who are willing to pay. BianLian follows the typical Asian trend of using tell-telling names to inspire fear.
BianLian alludes to the Chinese art of face changing, which is a traditional form of entertainment. This name is symbolic for the organization’s rapid and effective adaptability and willingness to constantly upgrade and improve its systems and MOs.