My TechDecisions

Compliance, IT Infrastructure, Network Security, News

Ransomware Continues to Disrupt Operational Technology Environments

Dragos research finds that ransomware operators will continue to disrupt operational technology (OT) environments.

Leave a Comment

Ransomware Government
stock.adobe.com/kaptn

Ransomware will continue to disrupt operational technology (OT) environments amid the Russian invasion of Ukraine, according to the latest research from industrial cybersecurity firm Dragos.

Researchers analyzed ransomware variants targeting industrial organizations worldwide and tracked ransomware information via public reports, and information uploaded or appearing on dark web resources.

Dragos’ findings suggest even though the number of ransomware attacks and dark web postings in the first quarter of 2022 is slightly less than the number in Q4 2021, the impacts of these ransomware attacks are much larger in operational technology environments.

Ransomware attackers are targeting giant organizations, their suppliers and subsidiaries resulting in major operational disruptions. A Conti-related attack in February of 2022 targeted Kojima Industries Corp, which supplies Toyota’s plastic parts and electronic components. The incident forced Toyota to shut down its operation for several days.

Ransomware Attacks by Region

Dragos also noted ransomware targets by region. Most ransomware attacks (81%) targeted Europe and North America.

Globally, 45% of ransomware attacks target industrial organizations and infrastructure in North America (36% of that in the U.S.); Europe comes second with 41%; Asia with 10%; the Middle East with 6%; South America with 2 %; and 1% for Africa and Australia tied for 1%.

The U.S. was the most targeted country for ransomware with 36% followed by the UK with 7% of all targeted attacks.

Ransomware Attacks by Industrial Sector 

About 75% of all ransomware attacks that Dragos tracked in Q1 2022 targeted the manufacturing sector.

At least 6% of these attacks targeted the food and beverage sector, 4% targeted pharmaceuticals, 3% targeted oil and natural gas, 3% targeted engineering; 2% targeted utilities and 1 % targeted mining.

Ransomware Group Trends

During Q1 of 2022, Dragos observed trends within certain ransomware groups:

  • Suncrypt and Quantum have been targeting only food and beverages entities.
  • RansomeXX and Rook have been targeting only pharmaceuticals.
  • The utilities sector has been mainly targeted by Avos Locker and Blackbyte.
  • The telecommunications sector has been mainly targeted by LAPSUS$.
  • Lorenz, LV, Moses Staff, KARAKURT, CL0P LEAKS, Ragnar Locker, and Stormous have only targeted organizations within the manufacturing sector.

Heading into Q2, Dragos asserts that political tension between Russia and western countries will only exacerbate ransomware disruptions.

Reader Interactions

Leave a Reply

Your email address will not be published.

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Four IT Trends That Will Define 2023
Expert Series: Four IT Trends That Will Define 2023

Learn about four key technologies we identified as critical to your IT organization’s success in 2023, as well as how to invest in new innovations ...

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ