Jorge Orchilles is the Chief Technology Officer of SCYTHE and co-creator of the C2 Matrix project. He is a SANS Certified Instructor and the author of Security 564: Red Team Exercises and Adversary Emulation. He was a founding member of MITRE Engenuity Center of Threat-Informed Defense. He is a Fellow at the Information Systems Security Association (ISSA) and National Security Institute. Previously, Jorge led the offensive security team at Citi for over 10 years.
The adversary behaviors and tactics, techniques, and procedures (TTPs) seem to be very similar for DarkSide and BlackMatter. It can be suggested that the threat actor simply changed their name and took a little break to distance themselves from the Colonial Pipeline breach. While it may seem we have had fewer ransomware attacks the past couple of months, we expect these types of double extortion ransomware attacks to continue at full force the remainder of the year.
5 October 2021