FBI: Critical Infrastructure Hit 860 Times by Ransomware in 2022

Despite a decrease in attacks, "ransomware remains a serious threat to the public and to our economy", the FBI says.

The FBI’s Internet Crime Report reveals that organizations that provide critical infrastructure for the United States were hit 860 times by ransomware attacks throughout 2022.

A myriad of different ransomware gangs are to blame, with some scripts being used over 100 times to attack healthcare, financial services, and telecommunications providers that the United States considers vital to its national economic security.

With ransomware attacks and data breaches only becoming more common, it’s important you equip your business with antivirus software, and train your staff to spot phishing attacks.

Ransomware Gangs Target Critical US Companies

In 2022, there were 870 different complaints made to the Internet Crime Complaint Center relating to 860 ransomware incidents, the Internet Crime Report details.

The FBI expects the real number of ransomware attacks to hit critical infrastructure to be much higher than that figure, however, as not all incidents are reported.

Lockbit ransomware was used 149 times in these attacks, while ALPHV/BlackCat was used 114 times, and Hive ransomware a total of 87 times.

Ragnar Locker ransomware breached at least 52 organizations deemed critical, while Cuba ransomware hit 49 U.S. entities, and BlackByte ransomware featured in three different attacks.

Sectors Targeted the Most by Ransomware

Out of all the industries that provide critical infrastructure, healthcare was hit the hardest by ransomware attacks, with 210 reported throughout 2022, almost a quarter of the total.

157 targeted critical manufacturing, while government facilities were on the receiving end of 115 ransomware attacks. Information technology (107), financial services (88) and commercial facilities (58) were also among the highest target.

Organizations that deal with energy, communications, and transportation were hit a combined 64 times by threat actors.

Protecting Your Company from Ransomware Attacks

There are various steps you can take to better prepare your company – and employees – for ransomware attacks.

Antivirus software, for example, is a must-have, and now many providers offer specific features that are included to prevent ransomware from wreaking havoc.

However, password managers are a crucial too, as these will make your employee’s account credentials much more robust to other kinds of cyber attacks.

Importantly though, training staff so they can spot the warning signs of a suspicious email, and know how to respond in the event of a ransomware attack, is equally as important, as is ensuring all of your software is up to date.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Aaron Drapkin is Tech.co's Content Manager. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol six years ago. Aaron's focus areas include VPNs, cybersecurity, AI and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, Cybernews, Lifewire, HR News and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, ProPrivacy, The Week, and Politics.co.uk covering a wide range of topics.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals