The Federal Bureau of Investigation (FBI) revealed in its 2022 Internet Crime Report that ransomware gangs hacked into the networks of at least 860 critical infrastructure organizations last year.
However, since the FBI report only includes attacks reported to the Internet Crime Complaint Center (IC3), the true number is likely higher.
“IC3 has received 870 complaints indicating that organizations in a critical infrastructure sector have been victims of a ransomware attack,” said the The FBI said.
“Of the 16 critical infrastructure sectors, IC3 reports indicated that 14 sectors had at least 1 member victim of a ransomware attack in 2022.”
In total, ransomware victims filed 2,385 complaints throughout 2022, with adjusted losses of over $34.3 million.
While the FBI says it has received 870 complaints from affected people critical infrastructure organizations, the graph that provides more detailed information for each sector only totals 860 results.
The top three ransomware gangs linked to attacks targeting critical infrastructure last year, based on the number of attacks, were Lockbit (149), ALPHV/BlackCat (114), and Hive (87).
This Year’s Internet Crime Report Confirms Law Enforcement Agency last year’s prediction of an “increase in critical infrastructure victimization in 2022” when victims filed 649 complaints.
The FBI advises against paying ransoms to cybercriminals because payments do not guarantee victims will get their files back, may encourage further attacks, and will most likely be used to fund additional attacks.
Victims are urged to report ransomware incidents to the Internet Crime Complaint Center (IC3), which will provide crucial information to track their attackers and prevent future attacks.
The FBI has issued several advisories, private industry notifications (PINs), and flash alerts in recent years warning of ransomware attacks on critical infrastructure, including Healthcare networks and first responders, Water and wastewater systemsTHE Food and agriculture sectorAnd educational institutions.
It also revealed that Ragnar Locker ransomware breached at least 52 critical organizationsCuba ransomware hit at least 49 critical infrastructure entities in the United Statesand BlackByte ransomware was deployed on the networks of at least three more.
The FBI shared a list of immediate actions that can be taken to defend against ransomware attacks:
- Update your operating system and software.
- Implement user training and phishing exercises to raise awareness of the risks of suspicious links and attachments.
- If you are using Remote Desktop Protocol (RDP), secure and monitor it.
- Make an offline backup of your data.
CISA also announced on Monday that it had been analysis of networks of critical infrastructure entities for devices vulnerable to ransomware since January 30, 2023, to warn them and help them fix vulnerabilities before they are hacked.