According to cybersecurity firm Dragos, ransomware attacks on industrial infrastructure more than doubled last year. Of the 600 industrial sector ransomware attacks tracked by Dragos in 2022, three-quarters of them (437) targeted manufacturing in 104 subsectors. That was a 92% increase over the 315 attacks the firm detected in 2021.
The Dragos report also highlighted the emergence of a new, highly dangerous threat group, Chernovite, which developed a modular ICS toolset designed to cause destruction against critical infrastructure companies in the US and Europe.
International conflicts and wars have exacerbated the use of cyber attacks as compliments to political pressure. During 2022, Ukraine saw increased threat group activity targeting its energy and critical industrial infrastructure sectors. Russia’s 2022 invasion of Ukraine provide opportunities for Russia-aligned actors to use their cyber offensive capabilities preemptively and in parallel to its kinetic attacks.
Top 10 Ransomware Group attributions from study:
- LOCKBIT: 169
- CONTI: 58
- BLACK BASTA: 54
- ALPHA V: 43
- HIVE: 33
- KARAKURT: 30
- ROYAL: 22
- SNATCH: 17
- AVOS LOCKER: 14
- BIANLIAN: 14
Morten Gammelgard EVP, EMEA at BullWall has this perspective:
“Anyone who’s looking at Ransomware as strictly a financial play by criminal enterprises is missing the bigger picture. We are, in most senses, in a war. North Korea, China and Russia are the biggest players in the Ransomware game and as tensions and armed conflicts with these nations continue to escalate the threat actors are shifting their focus to industries that will harm the US and its allies the most: Infrastructure, communications, supply chain, manufacturing and even the government itself.
“Countless government agencies have been under attack and some, particularly tax assessor offices, have been inoperable for months due to successful ransomware events. We will continue to see maximum focus on these parts of our economy as China, Russia and North Korea attempt to exacerbate our already record inflation to do maximum damage on our economy. The Ransom is only part of a longer game.
“With Russia, China and North Korea so focused on hurting our supply chain and production capability these organizations have to realize they won’t be able to stop those ransomware events from a determined nation-state actor. They MUST also have a solid response and containment strategy, including automated ransomware containment.
What’s clear from this report is ransomware is not going away anytime soon. Thus organizations need to ensure that they are fully protected from the threat that ransomware poses, or be prepared to suffer the consequences if they aren’t.
Like this:
Like Loading...
Related
This entry was posted on February 15, 2023 at 3:16 pm and is filed under Commentary with tags Dragos. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Dragos Report Shows How Much Ransomware Attacks Has Surged In The Last Year
According to cybersecurity firm Dragos, ransomware attacks on industrial infrastructure more than doubled last year. Of the 600 industrial sector ransomware attacks tracked by Dragos in 2022, three-quarters of them (437) targeted manufacturing in 104 subsectors. That was a 92% increase over the 315 attacks the firm detected in 2021.
The Dragos report also highlighted the emergence of a new, highly dangerous threat group, Chernovite, which developed a modular ICS toolset designed to cause destruction against critical infrastructure companies in the US and Europe.
International conflicts and wars have exacerbated the use of cyber attacks as compliments to political pressure. During 2022, Ukraine saw increased threat group activity targeting its energy and critical industrial infrastructure sectors. Russia’s 2022 invasion of Ukraine provide opportunities for Russia-aligned actors to use their cyber offensive capabilities preemptively and in parallel to its kinetic attacks.
Top 10 Ransomware Group attributions from study:
Morten Gammelgard EVP, EMEA at BullWall has this perspective:
“Anyone who’s looking at Ransomware as strictly a financial play by criminal enterprises is missing the bigger picture. We are, in most senses, in a war. North Korea, China and Russia are the biggest players in the Ransomware game and as tensions and armed conflicts with these nations continue to escalate the threat actors are shifting their focus to industries that will harm the US and its allies the most: Infrastructure, communications, supply chain, manufacturing and even the government itself.
“Countless government agencies have been under attack and some, particularly tax assessor offices, have been inoperable for months due to successful ransomware events. We will continue to see maximum focus on these parts of our economy as China, Russia and North Korea attempt to exacerbate our already record inflation to do maximum damage on our economy. The Ransom is only part of a longer game.
“With Russia, China and North Korea so focused on hurting our supply chain and production capability these organizations have to realize they won’t be able to stop those ransomware events from a determined nation-state actor. They MUST also have a solid response and containment strategy, including automated ransomware containment.
What’s clear from this report is ransomware is not going away anytime soon. Thus organizations need to ensure that they are fully protected from the threat that ransomware poses, or be prepared to suffer the consequences if they aren’t.
Share this:
Like this:
Related
This entry was posted on February 15, 2023 at 3:16 pm and is filed under Commentary with tags Dragos. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.