Mandiant: 1 in 7 Ransomware Extortion Attacks Exposes OT Data

  /     /     /  
Publicated : 23/11/2024   Category : security


Mandiant: 1 in 7 Ransomware Extortion Attacks Exposes OT Data


Analysis of shaming site data dumps found sensitive documentation from OT organizations, including oil and gas.



Ransomware gangs often up their game by extorting their victims on so-called shaming sites, where they dump the stolen information to pressure the victims to pony up and pay ransom. According to a new analysis of these attacks by incident response provider Mandiant, one in seven of those extortion incidents exposes sensitive operational technology (OT) information stolen from industrial victims in the attacks.
Mandiant says more than 1,300 OT organizations in critical infrastructure and industrial production were hit by these so-called multifaceted extortion attacks in 2021. In a sampling of those victim cases, Mandiant said stolen OT data included detailed network and process documentation from two oil and gas organizations; admin credentials for an OEM to a manufacturer of trains, as well as backups for Siemens TIA Portal PLC project files; and product diagrams and source code for a platform that tracks automobile fleets via GPS for a satellite vehicle-tracking service provider, among other sensitive documents.
Access to this type of data can enable threat actors to learn about an industrial environment, identify paths of least resistance, and engineer cyber physical attacks. On top of this, other data also included in the leaks about employees, processes, projects, etc. can provide an actor with a very accurate picture of the target’s culture, plans, and operations, Mandiant said in its report.
The
Mandiant report
is available online.

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Mandiant: 1 in 7 Ransomware Extortion Attacks Exposes OT Data