#StopRansomware: Interlock

Source: All CISA Advisories | Added:

The Interlock ransomware variant, first observed in September 2024, targets businesses and critical infrastructure in North America and Europe, utilizing a double extortion model that encrypts and exfiltrates victim data. The advisory details tactics, techniques, and procedures (TTPs) used by the ransomware actors, emphasizing the need for organizations to implement protective measures against these threats.

Impact: Not specified

In the Wild: Yes

Age: Newly disclosed

Remediation: Implement robust endpoint detection and response (EDR) tooling and capabilities; follow recommendations in the Mitigations section of the advisory.