August 15, 2024 at 11:10AM
Industrial cybersecurity firm Dragos reported a significant increase in ransomware attacks on industrial organizations in Q2 2024 compared to Q1, with 29 of 86 ransomware groups active. The US and Europe were most targeted, and the manufacturing sector was a primary focus. Resurgence of certain groups and evolving tactics indicate a continuing threat landscape for the industrial sector.
After reviewing the meeting notes, the key takeaways are:
– There was a significant increase in ransomware attacks on industrial organizations in Q2 2024 compared to Q1 2024, with 29 of the 86 ransomware groups known to target industrial organizations active in Q2.
– The number of attacks nearly doubled in Q2 compared to Q1, with 312 incidents observed in Q2.
– The Royal ransomware group rebranded to BlackSuit, and the Knight group became RansomHub, both with updated tactics and techniques.
– The majority of the ransomware attacks targeted industrial organizations in the United States and Europe, with the manufacturing sector being the most targeted.
– LockBit was behind the highest percentage of attacks, followed by Play, BlackBasta, 8Base, Akira, and BlackSuit.
– While no ransomware attacks specifically targeted industrial control systems (ICS) or operational technology (OT) processes, disruptions to OT networks occurred due to interdependencies between OT and IT systems.
– The ransomware threat landscape is expected to continue evolving, with the introduction of new ransomware variants and increasingly coordinated campaigns targeting industrial sectors.
These takeaways highlight the growing threat of ransomware attacks on industrial organizations and the need for continued vigilance and evolving cybersecurity measures.