As cyberattacks on civic infrastructure continue to rise, cities have started getting ransom demands to prevent their data from being released on the dark web. Further, some cities also had to deal with their networks being encrypted and hackers asking for a ransom to share keys to decrypt them. From Jan 2020 onwards we were seeing an increase in reconnaissance activity in facilities connected with critical infrastructure, a clear indicator of heightened interest in understanding the technology landscape, vulnerabilities, and security mechanisms to bypass them.
The rise in the detection of attacks on manufacturing is another trend we have been following for a while. Instances of Covid-19-themed attacks morphing into other forms of attacks such as compliance probing by government agencies, procurement alerts, confidential employee health information, and others. This indicates that hackers are now diversifying their tactics to lure potential victims.
Attacks linked to APT groups also registered a small spike this week and most attacks were emerging from North Korea and Eastern Europe.
We expect the attacks on critical infrastructure to grow along with attacks on these sectors:
- Utility entities
- Financial services
- Healthcare research labs
- Government websites and agencies – especially lawmakers and government agencies connected with internal/homeland security
- Manufacturing plants and maritime agencies