Advertisement
Advertisement
Cybersecurity
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
Ransomware attacks against industrial organisations spiked in 2022, hitting firms across a number of critical sectors including energy, food and water. Photo: Reuters

Ransomware attacks on industrial firms jumped 87 per cent in 2022, hitting renewable energy and utilities

  • Hackers targeted mining, food, water, electrical and natural gas sectors, according to a report from cybersecurity firm Dragos
  • The report comes after Chainalysis previously concluded total ransomware payments were down for the year, although it did not indicate fewer attacks

Ransomware attacks against industrial organisations increased by 87 per cent in 2022 from the year before, with most malicious software targeting the manufacturing sector, according to findings published onTuesday.

Hackers last year targeted mining industries in Australia and New Zealand, and continued their focus on renewable energy companies in the US and the European Union, cybersecurity firm Dragos said in a report. Attackers also increased or accelerated their attacks on energy, food, water, electrical and natural gas sectors, the company determined.

“They’re definitely going after manufacturing a heck of a lot more than electric and oil and gas,” said Robert M Lee, Dragos’ chief executive officer.

Dragos also found that one ransomware hacking tool could disrupt tens of thousands of systems that help manage global electricity infrastructure, gas pipelines and water companies. The so-called Pipedream malware, tied to the threat group Chernovite, can be reused against targets in different industries and can hamper a wide variety of industrial systems, Dragos said.

Cryptocurrency ransom payments drop amid record-high illicit transactions in 2022

Dragos also underscored that threats against the energy sector and critical infrastructure increased following Russia’s February 2022 invasion of Ukraine. While Dragos said malicious activity ended up being less profound than expected, it nonetheless said that one unnamed Ukrainian power company still faced a “significant attack”.

To stave off attacks in general, the company recommended organisations create effective response plans, have tools for monitoring their infrastructure and secure access to their systems by implementing two-factor authentication.

The report comes after other findings suggested a downturn in successful extortion-related hacking. Overall, payments to ransomware groups dropped sharply in 2022, with victims sending US$456.8 million to hackers, down from US$765.5 million in 2021, according to the blockchain analysis firm Chainalysis.

In recent weeks, ransomware attacks have disrupted derivatives training and encumbered public school systems in Arizona and Massachusetts.

Post