Leader in Cyber Underwriting

Loading...

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Analyze » Barricade Cyber Solutions » BAR1776889447

Incident Score: Analysis & Impact (BAR1776889447)

The details regarding individual company incidents & reports gives you full view from every side.

Rankiteo Score Impact Analysis

Rankiteo Incident Impact-162

Company Score Before Incident653 / 1000

Company Score After Incident491 / 1000

Company LinkView Barricade Cyber Solutions Profile

INCIDENT NUMBERBAR1776889447

Type of Cyber IncidentRansomware

ATTACK VECTORNA

DATA EXPOSEDPersonal details (names, photos, locations),...

INCIDENT DATE31/03/2025

STATUSpublished

Key Highlights From The Incident Analysis

Timeline of Barricade Cyber Solutions's Ransomware and lateral movement inside company's environment.
Overview of affected data sets, including SSNs and PHI, and why they materially increase incident severity.
How Rankiteo’s incident engine converts technical details into a normalized incident score.
How this cyber incident impacts Barricade Cyber Solutions Rankiteo cyber scoring and cyber rating.
Rankiteo’s MITRE ATT&CK correlation analysis for this incident, with associated confidence level.

Full Incident Analysis Transcript

In this Rankiteo incident briefing, we review the Barricade Cyber Solutions breach identified under incident ID BAR1776889447.

The analysis begins with a detailed overview of Barricade Cyber Solutions's information like the linkedin page: https://www.linkedin.com/company/barricadecyber, the number of followers: 1983, the industry type: Computer and Network Security and the number of employees: 3 employees

After the initial compromise, the video explains how Rankiteo's incident engine converts technical details into a normalized incident score. The incident score before the incident was 653 and after the incident was 491 with a difference of -162 which is could be a good indicator of the severity and impact of the incident.

In the next step of the video, we will analyze in more details the incident and the impact it had on Barricade Cyber Solutions and their customers.

Krybit recently reported "0APT Threatens to Dox Rival Ransomware Group Krybit in Unprecedented Cybercriminal Feud", a noteworthy cybersecurity incident.

A new escalation in the ransomware underworld has emerged as the cybercriminal group 0APT publicly threatened to expose the identities of operators behind the rival Krybit ransomware operation.

The disruption is felt across the environment, and exposing Personal details (names, photos, locations), plaintext credentials, cryptocurrency wallet addresses.

In response, and stakeholders are being briefed through Leaked blog post, public threats.

The case underscores how teams are taking away lessons such as The incident underscores the volatile and unpredictable nature of ransomware rivalries. Engaging with criminal groups for decryption assistance is unreliable and hazardous, and recommending next steps like Victims of Krybit should preserve forensic evidence and avoid engaging with either 0APT or Krybit. Organizations should remain vigilant against intra-criminal disputes spilling over into broader cyber threats, with advisories going out to stakeholders covering Victims are advised to preserve forensic evidence and avoid engaging with either group.

Finally, we try to match the incident with the MITRE ATT&CK framework to see if there is any correlation between the incident and the MITRE ATT&CK framework.

The MITRE ATT&CK framework is a knowledge base of techniques and sub-techniques that are used to describe the tactics and procedures of cyber adversaries. It is a powerful tool for understanding the threat landscape and for developing effective defense strategies.

MITRE ATT&CK® Correlation Analysis

Rankiteo's analysis has identified several MITRE ATT&CK tactics and techniques associated with this incident, each with varying levels of confidence based on available evidence. Under the Initial Access tactic, the analysis identified Trusted Relationship (T1199) with moderate confidence (60%), supported by evidence indicating rivalry between cybercriminal groups (0APT and Krybit) and Compromise Accounts (T1586) with moderate to high confidence (70%), supported by evidence indicating plaintext credentials and five cryptocurrency wallet addresses. Under the Credential Access tactic, the analysis identified Credentials In Files (T1552.001) with moderate to high confidence (80%), supported by evidence indicating plaintext credentials...released as a warning and Credentials from Password Stores (T1555) with moderate confidence (60%), supported by evidence indicating sample of allegedly stolen Krybit data. Under the Collection tactic, the analysis identified Data from Local System (T1005) with moderate to high confidence (80%), supported by evidence indicating personal details (names, photos, locations), plaintext credentials. Under the Exfiltration tactic, the analysis identified Exfiltration Over C2 Channel (T1041) with high confidence (90%), supported by evidence indicating data exfiltration such as Yes (sample data released). Under the Impact tactic, the analysis identified Data Encrypted for Impact (T1486) with moderate confidence (50%), supported by evidence indicating 0APT claims to offer decryption keys to Krybit victims and Defacement: Internal Defacement (T1491.001) with moderate to high confidence (70%), supported by evidence indicating krybit’s website is currently offline (maintenance message). Under the Reconnaissance tactic, the analysis identified Gather Victim Org Information (T1591) with moderate to high confidence (70%), supported by evidence indicating personal details (names, photos, locations) of Krybit affiliates. Under the Command and Control tactic, the analysis identified Application Layer Protocol: Web Protocols (T1071.001) with moderate confidence (60%), supported by evidence indicating leaked blog post, public threats via communication. These correlations help security teams understand the attack chain and develop appropriate defensive measures based on the observed tactics and techniques.

Initial Access

Trusted Relationship (60%)

Compromise Accounts (70%)

Credential Access

Credentials In Files (80%)

Credentials from Password Stores (60%)

Collection

Data from Local System (80%)

Exfiltration

Exfiltration Over C2 Channel (90%)

Impact

Data Encrypted for Impact (50%)

Defacement: Internal Defacement (70%)

Reconnaissance

Gather Victim Org Information (70%)

Command and Control

Application Layer Protocol: Web Protocols (60%)

Sources & References

Barricade Cyber Solutions Rankiteo Cyber Incident Details: https://www.rankiteo.com/company/barricadecyber/incident/BAR1776889447
Barricade Cyber Solutions CyberSecurity Rating page: https://www.rankiteo.com/company/barricadecyber
Barricade Cyber Solutions Rankiteo Cyber Incident Blog Article: https://blog.rankiteo.com/bar1776889447-krybit-0apt-ransomware-april-2025/
Barricade Cyber Solutions CyberSecurity Score History: https://www.rankiteo.com/company/barricadecyber/history
Barricade Cyber Solutions CyberSecurity Incident Source: https://www.techradar.com/pro/security/we-will-reveal-their-identity-photos-names-location-and-other-experts-reveal-extraordinary-battle-between-rival-ransomware-gangs-and-how-victims-can-get-their-data-back
Rankiteo A.I CyberSecurity Rating methodology: https://www.rankiteo.com/Images/rankiteo_algo.pdf
Rankiteo TPRM Scoring methodology: https://static.rankiteo.com/model/rankiteo_tprm_methodology.pdf