International Cyber Expo International Cyber Expo
  • About Us
Thursday, 9 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Dragos Report Identifies Two New Threat Groups

The Dragos 2022 Industrial Cybersecurity Year In Review Report Highlights Increased Attacks on Industrial Sectors and New Era of Threats to Critical Infrastructure

by Guru Writer
February 15, 2023
in Featured, News
black with teal accent logo DRAGOS
Share on FacebookShare on Twitter
Dragos have released the findings from their annual Year in Review report for 2022. The report covers the state of the industrial sectors and the threats against them. Significantly, the report disclosed the identification of two new threat groups: CHERNOVITE and BENTONITE. It also examines new and existing threat activity, key ransomware findings, service engagement updates, as well as information disclosed around key vulnerabilities.
Specifically, the report found that cybersecurity risks for industrial organizations continued to grow in 2022 (nearly doubling) as attacks increased on industrial infrastructure sectors, particularly in the electric and manufacturing verticals. The manufacturing industry continued to be the most targeted sector, with 72% of all ransomware attacks targeting 437 manufacturing entities in 104 unique manufacturing subsectors. The report found that ransomware attacks against industrial organisations increased 87% over the last year.  
The Russian invasion of Ukraine in 2022 illustrated the impact of geopolitical conflict and physical warfare on the cybersecurity risks to industrial infrastructure sectors. Dragos disclose that Ukraine saw increased threat group activity targeting its energy and critical industrial infrastructure sectors.
PIPEDREAM, the first known cross-industry scalable ICS/OT malware with disruptive capabilities, brought in a new era in the evolution of malware development. PIPEDREAM was developed by the threat group CHERNOVITE. CHERNOVITE’S PIPEDREAM toolkit has the capabilities to impact tens of thousands of industrial devices that control critical infrastructure.  Dragos have assessed with high confidence that a state actor developed PIPEDREAM intending to leverage it in future operations for disruptive or destructive purposes. Although, they had not observed any examples of employment thus far.

The second newly identified threat group is BENTONITE, who have been increasingly and opportunistically targeting maritime oil and gas (ONG), governments, and the manufacturing sectors since 2021. The believe that BENTONITE conducts offensive operations for both espionage and disruptive purposes by exploiting vulnerable remote access assets or internet-exposed assets that can facilitate access. 

Last year’s report found that the Ransomware groups known as LockBit and Conti have been the most active in targeting organisations and Industrial Control System (ICS)/Operational Technology (OT) environment in 2021.

The 2022 report also found that there was a 27% increase in the number of vulnerabilities that Dragos investigated in 2022 over 2021.  The full report can be read here. 

ShareTweet
Previous Post

Dodge online banking fraudsters with these 12 cybersecurity tips

Next Post

Traditional PAM solutions aren’t working, Keeper Security study finds

Recent News

hand typing on keyboard

CitrixBleed 2 exploited in repeatable attack chain culminating in DragonForce ransomware, researchers find

July 9, 2026
malware

Huntress Uncovers ‘Vibe-Coded’ Malware Used to Map Active Directory Environments

July 8, 2026
Check Point’s ThreatCloud AI Blocked 4.6 Billion Attacks in 2025, Latest ESG Report Reveals

Check Point’s ThreatCloud AI Blocked 4.6 Billion Attacks in 2025, Latest ESG Report Reveals

July 8, 2026
Kirsty Fowler, WorkNest Secure

Next Gen Spotlights: Building a More Resilient Future – Q&A with WorkNest Secure

July 8, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol