Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 21 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Dragos Report Identifies Two New Threat Groups

The Dragos 2022 Industrial Cybersecurity Year In Review Report Highlights Increased Attacks on Industrial Sectors and New Era of Threats to Critical Infrastructure

by Guru Writer
February 15, 2023
in Featured, News
black with teal accent logo DRAGOS
Share on FacebookShare on Twitter
Dragos have released the findings from their annual Year in Review report for 2022. The report covers the state of the industrial sectors and the threats against them. Significantly, the report disclosed the identification of two new threat groups: CHERNOVITE and BENTONITE. It also examines new and existing threat activity, key ransomware findings, service engagement updates, as well as information disclosed around key vulnerabilities.
Specifically, the report found that cybersecurity risks for industrial organizations continued to grow in 2022 (nearly doubling) as attacks increased on industrial infrastructure sectors, particularly in the electric and manufacturing verticals. The manufacturing industry continued to be the most targeted sector, with 72% of all ransomware attacks targeting 437 manufacturing entities in 104 unique manufacturing subsectors. The report found that ransomware attacks against industrial organisations increased 87% over the last year.  
The Russian invasion of Ukraine in 2022 illustrated the impact of geopolitical conflict and physical warfare on the cybersecurity risks to industrial infrastructure sectors. Dragos disclose that Ukraine saw increased threat group activity targeting its energy and critical industrial infrastructure sectors.
PIPEDREAM, the first known cross-industry scalable ICS/OT malware with disruptive capabilities, brought in a new era in the evolution of malware development. PIPEDREAM was developed by the threat group CHERNOVITE. CHERNOVITE’S PIPEDREAM toolkit has the capabilities to impact tens of thousands of industrial devices that control critical infrastructure.  Dragos have assessed with high confidence that a state actor developed PIPEDREAM intending to leverage it in future operations for disruptive or destructive purposes. Although, they had not observed any examples of employment thus far.

The second newly identified threat group is BENTONITE, who have been increasingly and opportunistically targeting maritime oil and gas (ONG), governments, and the manufacturing sectors since 2021. The believe that BENTONITE conducts offensive operations for both espionage and disruptive purposes by exploiting vulnerable remote access assets or internet-exposed assets that can facilitate access. 

Last year’s report found that the Ransomware groups known as LockBit and Conti have been the most active in targeting organisations and Industrial Control System (ICS)/Operational Technology (OT) environment in 2021.

The 2022 report also found that there was a 27% increase in the number of vulnerabilities that Dragos investigated in 2022 over 2021.  The full report can be read here. 

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Dodge online banking fraudsters with these 12 cybersecurity tips

Next Post

Traditional PAM solutions aren’t working, Keeper Security study finds

Recent News

Nominations are Open for 2023’s European Cybersecurity Blogger Awards

Nominations are Open for 2023’s European Cybersecurity Blogger Awards

March 20, 2023
TikTok to be banned from UK Government Phones

TikTok to be banned from UK Government Phones

March 17, 2023
New AT&T Cybersecurity USM Anywhere Advisors Service Helps to Establish and Maintain Threat Detection and Response Effectiveness

Should Your Organization Be Worried About Insider Threats?

March 17, 2023
Guild Education controls API abuse with Salt Security

Guild Education controls API abuse with Salt Security

March 16, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information