The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed the increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations.

In typical Conti ransomware attacks, malicious cyber actors steal files, encrypt servers and workstations, and demand a ransom payment. 

To secure systems against Conti ransomware, we recommend implementing the mitigation measures described in the below Advisory, which include requiring multi-factor authentication (MFA), implementing network segmentation, and keeping operating systems and software up to date.

[Click here] for a PDF version of this report.

[Click here] for indicators of compromise (IOCs) in STIX format.