Snatch Ransomware: CISA Threat Advisory AA23-263A is now available for testing in Validato for all existing customers.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a cyber threat advisory relating to Snatch Ransomware, an emerging Ransomware threat actor that first emerged in 2021 and has so far mainly targeted organizations in the Defense, Agriculture, Food Production and Technology sectors.

Like many later generation Ransomware campaigns, Snatch Ransomware uses double extortion, whereby it exfiltrates a victim’s sensitive data before encrypting endpoints and posts the data to a public site if the demanded ransom payment is not made.

MITRE ATT&CK Tactics and Techniques

Here are the main MITRE ATT&CK Techniques used by Snatch Ransomware:

How to test security controls against Snatch Ransomware in Validato

Validato customers can now immediately test their security control effectiveness against the adversarial behaviors related to Snatch Ransomware by simply searching for Snatch Ransomware in the Validato threat scenarios module of the Validato platform.


What to do if you are not an existing Validato customer

If you are not an existing Validato customer and you would like to validate your security controls against Snatch Ransomware, contact us and we will be happy to discuss testing and commercial licensing options.