The yr 2024’s ransomware shake-up, fueled by regulation enforcement crackdowns on giants like LockBit, has shifted focus to crucial operations, with main assaults this yr hitting targets like Halliburton, TfL, and Arkansas water plant.
A Dragos research for the third quarter of 2024 highlighted a surge in exercise from new teams like RansomHub, Play, and Fog, all exploiting VPN flaws and stolen credentials to achieve footholds in crucial techniques utilizing varied living-of-the-land (LOTL) strategies.
“The shift from conventional monetary extortion to operational sabotage, notably by hacktivist personas, compounds ransomware dangers,” mentioned Dragos in a report. “This convergence of motivations additional blurs the road between cybercrime and cyberwarfare, requiring enhanced defenses for ICS and OT environments.”
