According to the FBI, in 2021, cyber-extortionate groups hacked the networks of at least 649 organizations of critical infrastructure in the United States. However, the true figures may be higher, since the bureau began to keep records of allegations of incidents involving the use of extortionate software only in June 2021. In addition, the FBI report does not take into account incidents that the victims did not report.
According to the report, last year, out of 16 sectors of critical infrastructure in 14, at least one organization fell victim to ransomware.
Throughout 2021, the FBI issued various security notices, warnings for private industrial enterprises and flash notifications about the threat of ransomware.
Since December last year, Ragnar Locker ransomware has attacked the networks of at least 52 critical infrastructure organizations in the United States, Cuba – 49, and BlackByte – at least three.
Conti (87 victims), LockBit (58 victims) and REvil/Sodinokibi (51 victims) accounted for the most attacks in 2021. Each of these three groups attacked some sectors more often than others. For example, Conti most often attacked critical production, commercial enterprises, food and agricultural sectors.
In turn, LockBit ransomware was more used in attacks on government organizations, medical institutions and the financial sector.
The REvil/Sodinokibi group attacked financial services, IT companies and healthcare organizations more often.
This year, the FBI expects an increase in the number of attacks on critical infrastructure.