Industrial and IoT networks under greater malware attack
Cette publication existe aussi en Français
The latest data shows that industrial and IoT networks are under enhanced attack from hackers and malware.
Data from Dragos shows the second quarter of 2023 to be an exceptionally active period for ransomware groups, with malware attacks increasing by 18% on the previous quarter.
Dragos identified 254 ransomware incidents in the second quarter of 2023 from 33 ransomware groups, compared to 20 in Q1.
Half of the 66 groups actively target industrial organisations, exploiting zero-day vulnerabilities, targeting public-facing serviced, and compromising IT service providers. The research shows that 70% of all alleged ransomware attacks impacted the manufacturing sector with 177 total incidents.
- New type of polymorphic fully autonomous malware
- Pipedream malware targets industrial control systems
- Major cyber threats facing consumers in 2023
47.5% of the 253 ransomware alleged attacks recorded globally impacted industrial organisations and infrastructure in North America, for a total of 120 incidents, up 27% over Q1. The industrial ransomware incidents that Dragos tracked last quarter impacted 20 unique manufacturing subsectors. At the top of the list, equipment manufacturing had around 26 attack.
The Lockbit 3.0 malware was responsible for 19% of the total alleged ransomware attacks, accounting for 48 incidents, nearly a 38% decrease compared to the incidents in the last quarter.
Dragos expects the third quarter of 2023 will see more ransomware attacks against industrial organizations for two reasons.
Firstly, the prevailing political tension between NATO countries and Russia motivates Russian-aligned ransomware groups to continue targeting and disrupting critical infrastructure in NATO countries.
Secondly, as the number of victims willing to pay ransoms diminishes, RaaS groups have shifted their focus towards larger organizations, resorting to widespread ransomware distribution attacks to sustain their revenues. One notable incident in Q2 was the attack on the Port of Nagoya in Japan, which impacted the port’s operations and subsequently affected the supply chains of other industrial organizations, including the Toyota packaging line.
www.dragos.com/blog/dragos-industrial-ransomware-attack-analysis-q2-2023/
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
