SecurityWeek reports that critical infrastructure organizations in the U.S. and other countries have been impacted by more than 2,000 ransomware intrusions since 2013.
Nearly 300 critical infrastructure-targeted ransomware incidents were launched last year, according to Critical Infrastructure Ransomware Attacks database maintained by Temple University's Aushul Rege and Rachel Bleiman, which not only details victims' names, attack dates, and locations, but also MITRE ATT&CK mapping and demanded ransoms. Additional findings from CIRA revealed that intrusions were most prevalent among organizations in the government, healthcare and public health, and education sectors, while ransoms have increased since 2022. While CIRA has proven beneficial for incident response planning and trend analysis, additional improvements — such as more comprehensive MITRE ATT&CK information and global attack coverage — are being mulled by Rege and Bleiman, who are also planning a yearly OSINT challenge that would improve data collection. "This contributes to creating a more complete dataset with relevant source information. Additionally, it may help identify new variables, such as points of entry, recovery costs and leaked data bidding costs," said Rege.
