CISA, the FBI and NSA issued a warning to U.S. critical infrastructure Monday about BlackMatter, following attacks on agricultural firms NEW Cooperative and Crystal Valley.BlackMatter, a rebranding of the group behind Dark Side ransomware, operates as ransomware as a service, where affiliates pay BlackMatter a commission to use the ransomware. Beyond infections at NEW Cooperative and Crystal Valley, it has also appeared at Idaho marketer Marketron and Japanese camera maker Olympus.“The threat of ransomware goes beyond specific impacts to a victim company — it has risen to a national security issue,” Rob Joyce, director of cybersecurity at NSA, said in a statement.The group has been active since July. Dark Side operated until international attention from its use in the Colonial Pipeline ransom garnered overwhelming international attention. Information to detect, remediate and repel BlackMatter have been previously documented, but are included in the advisory, as well as common tips to avoid ransomware.
Ransomware, Threat Management
CISA, FBI, and NSA issue advisory on BlackMatter ransomware

Fuel holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm on May 10, 2021, in Woodbridge, N.J. The Dark Side ransomware group responsible for the cyberattack on Colonial Pipeline, rebranded as BlackMatter. (Photo by Michael M. Santiago/Getty Images)
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds