The number of ransomware attacks targeting industrial organizations and infrastructure has doubled since the second quarter of 2022, according to data from industrial cybersecurity firm Dragos.
In a report Analyzing data from the second quarter of 2023, Dragos said it saw 253 ransomware incidents, up 18% from last year. first quarter 2023when she observed 214 attacks.
The company saw 189 ransomware incidents during the month. last quarter of 2022an increase of 30% compared to the 128 incidents that occurred in the third quarter 2022. In the second quarter of 2022, this number fell to 125, compared to 158 incidents in the first quarter. The decline was attributed at the time by Dragos to cessation of Conti operations.
Dragos blamed the increase in attacks on ransomware revenue falls in 2022 because more and more victims refused to pay.
“Dragos estimates with moderate confidence that the third quarter of 2023 will witness an increase in enterprise-impact ransomware attacks against industrial organizations, for two reasons. First, the current political tension between NATO countries and Russia motivates Russia-aligned ransomware groups to continue targeting and disrupting critical infrastructure in NATO countries,” Dragos said.
“Second, as the number of victims willing to pay ransoms declines, RaaS groups have turned to larger organizations, resorting to widespread ransomware distribution attacks to maintain revenue,” he adds.
Nearly half of the ransomware attacks observed by the security firm affected organizations and infrastructure in North America, followed distantly by Asia.
Half of the 66 ransomware groups monitored by Dragos launched attacks in the second quarter of 2023, with the most active being LockBit, responsible for 48 incidents, followed by Alpha V, with 31 incidents, and Black Basta, with 26 incidents.
The manufacturing sector continues to be the most targeted, with 177 incidents, followed by industrial control systems (ICS), transportation, and oil and gas.
Related: Ransomware often hits industrial systems, with significant impact: survey
Related: Dragos claims ransomware gang accessed limited data but failed in extortion scheme
Related: ICS attacks in 2022: fewer than expected in the US energy sector, but ransomware has exploded