BlackMatter ransomware was extensively detected by our honeypot networks across APAC, EMEA and North America last week. Financial services, manufacturing plants and oil and gas infrastructure were among the most attacked sectors last week.
A significant spike in detection of cyberattacks on healthcare facilities was also recorded. Targets that were receiving the most attention from hackers included data centers, IoT-based smart monitoring systems, human machine interface systems, OT-based controllers and asset management systems.
Three clusters of suspected APT groups based in a Middle-Eastern country turned active this week with an almost 200 percent rise in cyberattacks emerging from their vicinity. These groups that had previously attacked water treatment plants in a country in the region turned their attention to healthcare facilities including hospitals and healthcare centers. The hackers involved were trying to steal data, shut down parts of the IT, IoT and OT infrastructure and reconnoiter networks connecting these facilities to other centers.
Entities belonging to these segments should be on their guard in the coming week:
• Oil and gas
• Utility entities
• Government websites and agencies – especially lawmakers and government agencies connected with internal/homeland security
• Manufacturing plants and maritime agencies
• Financial services