March 16, 2023

The FBI has released its 2022 Internet Crime Report, which reveals that at least 860 critical infrastructure organizations were targeted by ransomware attacks last year.

The actual number is likely higher, according to the report, because it only includes attacks reported to the Internet Crime Complaint Center (IC3). According to IC3 data, 14 of the 16 critical infrastructure sectors experienced at least one ransomware attack in 2022. Throughout the year, ransomware victims filed 2,385 complaints, with adjusted losses totaling more than $34.3 million.

According to the report, the top three ransomware gangs linked to attacks on critical infrastructure last year were Lockbit, ALPHV/BlackCat, and Hive. Lockbit launched 149 attacks, while ALPHV/BlackCat and Hive launched 114 and 87, respectively. It also states that Ragnar Locker ransomware infiltrated at least 52 critical organizations, Cuba ransomware infiltrated at least 49 US critical infrastructure entities, and BlackByte ransomware infiltrated at least three others’ networks.

The FBI warns against paying cybercriminals ransoms because it does not guarantee file recovery, may encourage further attacks, and may be used to fund additional attacks. Victims are encouraged to report ransomware incidents to the IC3, which provides vital information for tracking down attackers and preventing future attacks.

The FBI advises taking immediate steps to defend against ransomware attacks, such as updating operating systems and software, implementing user training and phishing exercises to raise awareness about the dangers of suspicious links and attachments, securing and monitoring Remote Desktop Protocol (RDP), and creating an offline backup of data.

The sources for this piece include an article in BleepingComputer.