The FBI Cyber Division has published an advisory on the Zeppelin ransomware. This advisory is made by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).
They explain that in the advisory companies can find step by step recommendations which they can take to reduce the likelihood of a (Zeppelin) ransomware incident.
Zeppelin ransomware is a derivative of the Delphi-based Vega malware family and functions as a Ransomware as a Service (RaaS). From 2019 through at least June 2022, actors have used this malware to target a wide range of businesses and critical infrastructure organizations, including defense contractors, educational institutions, manufacturers, technology companies, and especially organizations in the healthcare and medical industries.
Zeppelin actors have been known to request ransom payments in Bitcoin, with initial amounts ranging from several thousand dollars to over a million dollars.
Download the paper
or download it here.