Ransomware hits 870 US critical infrastructure organizations in 2022
The top three included hackers Lockbit, ALPHV/BlackCat and Hive.
The US Federal Bureau of Investigation (FBI) reported in his report on internet crime in 2022 that ransomware gangs hacked into the networks of 870 US critical infrastructure organizations last year.
However, given that the FBI report only includes attacks reported to the Internet Crime Complaint Center (IC3), the actual number of attacks is likely higher.
“IC3 received 870 complaints indicating that organizations belonging to the critical infrastructure sector were the victims of a ransomware attack,” the FBI said in a statement.
In total, 2,385 complaints were filed by ransomware victims in 2022, and companies lost nearly $35 million in total losses.
In terms of the number of attacks last year, the top three ransomware gangs associated with attacks on critical infrastructure were lockbit (149), ALPHV/BlackCat (114) and hive (87).
Number of organizations by industry affected by ransomware attacks in 2022
The FBI advises against paying ransoms to cybercriminals, as the payments do not guarantee that victims of an attack will be able to recover their files, and may even encourage further attacks by the same or a completely different hacker group, as the attackers see the ability to pay in the victim.
Instead of paying a ransom, victims are encouraged to report ransomware incidents to the Online Crime Complaint Center (IC3), which will provide critical information to track down attackers and prevent future attacks.
The FBI also shared a list of recommended steps you can take to protect against ransomware attacks:
- update the operating system and software;
- implement cybersecurity training for employees in the company, especially focusing on phishing, to raise awareness of the risks of suspicious links and attachments;
- in the case of using the remote desktop protocol, protect and monitor it;
- Make regular offline backups of company data.