Ransomware Actors Continue to Gain Access through Third Parties and Legitimate System Tools

This FBI Private Industry Notification (PIN) is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals.
The FBI is releasing this PIN to highlight ransomware initial access trends and encourage organizations to implement the recommendations in the mitigations section to reduce the likelihood and impact of ransomware incidents.
As of July 2023, the FBI noted several trends emerging or continuing across the ransomware environment and is releasing this notification for industry awareness. New trends included ransomware actors exploiting vulnerabilities in vendor-controlled remote access to casino servers, and companies victimized through legitimate system management tools to elevate network permissions.
This FBI PIN provides an overview of the threat, mitigation recommendations, and is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals.