Detecting Black Basta Ransomware with ExtraHop NDR (Video)
Back to top
February 9, 2023
Detecting Black Basta Ransomware with ExtraHop NDR (Video)
Black Basta ransomware reportedly compromised 90 organizations in five months, between April and September 2022, with attacks continuing that fall. The speed with which this ransomware moved, combined with its use of double extortion techniques and ability to turn off endpoint detection and response (EDR) solutions, caught the attention of the entire cybersecurity industry.
Watch this short video with ExtraHop expert Josh Snow as he guides you through a Black Basta ransomware attack, from initial access to how it impairs and turns off defenses. He explains how network detection and response (NDR) from ExtraHop Reveal(x) 360 can detect this attack at a variety of stages, from initial access, to reconnaissance, to command and control (C2) and beyond. Josh shows the tactics and techniques Reveal(x) 360 detects, including network privilege escalation, loading backdoors, C2 shell-based beaconing, unusual schedule task, Active Directory (AD) enumeration with BloodHound, and more.

ExtraHop is on a mission to arm security teams to confront active threats and stop breaches. Our RevealX™ 360 platform, powered by cloud-scale AI, covertly decrypts and analyzes all cloud and network traffic in real time to eliminate blind spots and detect threats that other tools miss. Sophisticated machine learning models are applied to petabytes of telemetry collected continuously, helping ExtraHop customers to identify suspicious behavior and secure over 15 million IT assets, 2 million POS systems, and 50 million patient records. ExtraHop is a market share leader in network detection and response with 30 recent industry awards including Forbes AI 50, Cybercrime Ransomware 25, and SC Media Security Innovator.
Learn more at our About Us page.