• Home
  • News
  • BlackSuit Ransomware Targets China and the US

BlackSuit Ransomware Targets China and the US

Bogdan Pătru

By Bogdan Pătru . 24 May 2024

Tech Writer

Alex Popa

Fact-Checked this

The BlackSuit gang posted 2 new victims on their public website. These are the US-based School District of Colfax and the Chinese Sichuan Dawei Science & Technology. No other information is available about the operation.

  • The BlackSuit hackers are known to hit high-profile targets and demand high ransoms
  • BlackSuit first emerged in 2023 and made a reputation for itself rather quickly
  • This recent attack saw the hackers infiltrating high-profile targets with ease and stealing a lot of valuable data
  • It’s unclear if any of the 2 institutions have decided to contact or negotiate with the perpetrators

BlackSuit is one of the newest and most dangerous ransomware actors currently in the ransomware sphere. The organization uses advanced tools and tactics to circumvent the victim’s defensive systems. Once inside, they encrypt the files and extract the data.

The operators will use the stolen data as leverage, trying to obtain as much money as possible. As data shows, most victims refuse to pay or even negotiate with the hackers. But some do, which is where these gangs get their financing.

X showing the BLACK SUIT attack on the 2 victims

While the number of ransomware attacks was on a downward spiral following 2022, the trend quickly took on an upward trend. 2024 started off with 76 attacks (recorded in January alone) which is a massive increase compared to the same month of 2022.

The most prolific month for ransomware attacks was April. It’s also important to note that the ransoms have gone up in value. Compared to previous years, 2024 saw an increase in ransom value with up to 500%.

Around 63% of the ransoms reached $1 million or more, while 30% of them jumped the $5 million threshold. Despite these numbers, a recent poll showed concerning figures. According to the latest data:

  • 94% of the respondents stated that they would pay the ransom to recover their data
  • 5% said they wouldn’t pay, but that that would depend on the value of the ransom
  • 1% said that they wouldn’t pay the ransom
  • 67% of companies stated that they’re willing to pay up to $3 million or more in ransom
  • 35% of them would pay $5 million or more

How to Deal with a Ransomware Attack?

These are, naturally, concerning numbers because they explain the increasing trend in the ransomware attack frequency over the past year. Ransomware gangs tune in because there’s a lot of money to be made.

But should you pay the ransom? The answer is clear as day: no. You should not negotiate with the hackers and you shouldn’t pay anything. One the one hand, because paying doesn’t guarantee that the hackers will delete the stolen data.

In fact, studies show that most of them don’t. Instead, they save it for later use or sell it to other third-party cybercriminal groups.

On the other hand, paying the ransom puts you on the hackers’ list for future hits. You’ve proven yourself to be a good payer, so they’ll most likely hit you again soon.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment