FBI: 870 Critical Infrastructure Organizations Were the Victim of Ransomware in 2022



FBI WarningThe FBI’s newly-released report shows just how ransomware continues to plague critical infrastructure sectors, despite the U.S. government’s recent efforts to stop these attacks.

You’ll probably recall the news about ransomware attacking the Colonial Pipeline and other U.S. critical infrastructure (CI) to the point that the government was stepping up their efforts to stop these attacks and even conducting congressional hearings on what to do about the problem. The FBI reported that nearly 650 CI businesses were hit in 2021. We’d all like to think that the introduction of the involvement of the U.S. government would spell the end of attacks on such important industry vectors that keep the country going.

But according to the FBI’s latest Internet Crimes Report that covers 2022, the number of CI businesses attacked increased by 34% in 2022, rising to 870.

In short, CI industries have plenty to be worried about. According to the FBI, Lockbit, BlackCat and Hive were the top three ransomware strains used in these attacks, targeting 16 CI sectors (shown below).

3-9-23 IMAGE

Source: FBI

According to the FBI, 14 of the 16 sectors had at least one attack that was successful, but did not go into detail on how many succumbed to an attack in total.

As an additional layer of security, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) began a pilot program - Ransomware Vulnerability Warning Pilot (RVWP) – which scans CI networks for internet-exposed devices that could be exploited.

In the meantime, CI organizations need to also focus on the number one ransomware initial attack vector – phishing. Users need to undergo continual Security Awareness Training to stifle scams, social engineering and BEC attacks that may be a prelude to a ransomware attack.


RanSim

Free downloadable software tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

RanSim gives you a quick look at the effectiveness of your existing network protection. RanSim will test 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransim

Topics: Ransomware



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews