Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Resecurity, Inc. (USA) protecting major Fortune 100 and government agencies globally has identified an alarming rise in ransomware operators targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware […]

ransomware energy sector

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities.

Resecurity, Inc. (USA) protecting major Fortune 100 and government agencies globally has identified an alarming rise in ransomware operators targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware attackers have targeted energy installations in North America, Asia, and the European Union. In the EU, Handelsblatt reported that ransomware attacks targeting the energy sector more than doubled in 2022 over the previous year, with defenders recording 21 attacks through the past October.

Resecurity’s research delves deeper into unique ransomware trends cited by the U.S. Department of Homeland Security in their recently published Intelligence Enterprise Homeland Threat Assessment. “Between January 2020 and December 2022, the number of known ransomware attacks in the United States increased by 47 percent,” according to the DHS report. The agency also noted that “ransomware attackers extorted at least $449.1 million globally during the first half of 2023 and are expected to have their second most profitable year.”

The alarming escalation of ransomware attacks against the energy sector and critical infrastructure is a trend that cannot be ignored. With at least a dozen sophisticated groups such as BlackCat/ALPHV, Medusa, and LockBit 3.0, among others, intensifying their focus on these high-stakes targets, the threat landscape is becoming increasingly dangerous. These threat actors are not acting in isolation; they are supported by a flourishing ecosystem of underground access brokers and tool developers who provide the necessary leverage to infiltrate and exploit these essential systems in critical infrastrucruee. The collaboration between these groups and individual actors is a clear indicator of the strategic importance placed on the energy sector, which is perceived as a goldmine for high-value data and maximum ransom payouts exceeding $5,000,000 (million) in some cases. Resecurity uncovered several episodes of attacks against nuclear operators – area of major concern for national security.

Looking ahead to 2024, Resecurity analysts envision a significant growth in targeted cyber threats, particularly with ransomware groups increasingly prioritizing high-value targets within the energy sector and its supply chain.

Let me suggest reading the report “Ransomware Attacks Against The Energy Sector On The Rise – Nuclear And Oil & Gas Are Major Targets In 2024,” it includes evidence that nuclear energy firms are becoming priority targets for extortion groups.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Ransomware)