Mandiant: 1 in 7 Ransomware Extortion Attacks Exposes OT Data

  /     /     /  
Publicated : 23/11/2024   Category : security

Mandiant: 1 in 7 Ransomware Extortion Attacks Exposes OT Data


Analysis of shaming site data dumps found sensitive documentation from OT organizations, including oil and gas.


Ransomware gangs often up their game by extorting their victims on so-called shaming sites, where they dump the stolen information to pressure the victims to pony up and pay ransom. According to a new analysis of these attacks by incident response provider Mandiant, one in seven of those extortion incidents exposes sensitive operational technology (OT) information stolen from industrial victims in the attacks.
Mandiant says more than 1,300 OT organizations in critical infrastructure and industrial production were hit by these so-called multifaceted extortion attacks in 2021. In a sampling of those victim cases, Mandiant said stolen OT data included detailed network and process documentation from two oil and gas organizations; admin credentials for an OEM to a manufacturer of trains, as well as backups for Siemens TIA Portal PLC project files; and product diagrams and source code for a platform that tracks automobile fleets via GPS for a satellite vehicle-tracking service provider, among other sensitive documents.
Access to this type of data can enable threat actors to learn about an industrial environment, identify paths of least resistance, and engineer cyber physical attacks. On top of this, other data also included in the leaks about employees, processes, projects, etc. can provide an actor with a very accurate picture of the target’s culture, plans, and operations, Mandiant said in its report.
The
Mandiant report
is available online.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Mandiant: 1 in 7 Ransomware Extortion Attacks Exposes OT Data