{"id":214461,"date":"2026-02-17T07:50:00","date_gmt":"2026-02-17T12:50:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/17\/significant-rise-in-ransomware-attacks-targeting-industrial-operations\/"},"modified":"2026-02-17T08:25:10","modified_gmt":"2026-02-17T13:25:10","slug":"significant-rise-in-ransomware-attacks-targeting-industrial-operations","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/17\/significant-rise-in-ransomware-attacks-targeting-industrial-operations\/","title":{"rendered":"Significant Rise in Ransomware Attacks Targeting Industrial Operations"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/rise-in-ransomware-targeting\/\">Significant Rise in Ransomware Attacks Targeting Industrial Operations<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/rise-in-ransomware-targeting\/\">https:\/\/www.infosecurity-magazine.com\/news\/rise-in-ransomware-targeting\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-17 07:50:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>There has been a sharp rise in the number of ransomware groups targeting industrial organizations as cybercriminals continue to exploit vulnerabilities in operational technology (OT) and industrial control systems (ICS), researchers at Dragos have warned.<\/p>\n<p>A total of 119 ransomware groups targeting industrial organizations were tracked during 2025 according to the Dragos Annual OT Cybersecurity Year in Review for 2026, published on February 17. That figure represents a 49% increase from the 80 which were tracked in 2024.<\/p>\n<p>According to Dragos, 2025 saw 3300 industrial organizations around the world hit by ransomware, compared with 1693 in 2024. The most targeted sector was manufacturing, followed by transportation. \u00a0<\/p>\n<p>Oil and gas, electricity and communications were also among the most targeted critical and industrial systems.<\/p>\n<h2><strong>Legitimate Login Credentials Abused<\/strong><\/h2>\n<p>The most common cause of network compromise during observed attacks was via remote-access portals and virtualization services, including VPN portals, firewall interfaces or vendor tunnels. Attackers often leveraged legitimate login credentials of a real user to avoid detection.<\/p>\n<p>\u201cIdentity abuse allowed adversaries to move rapidly and quietly through enterprise environments,\u201d said Dragos.<\/p>\n<p>These credentials were stolen via phishing attacks, successful execution of infostealer malware or bought on the dark web via initial access brokers. Cybercriminals then exploited this access to cross IT and OT boundaries and gain entry to industrial and operational systems.<\/p>\n<p>The report details how one ransomware affiliate used compromised VPN access to reach an OT-adjacent ESXi hypervisor and deploy ransomware on SCADA supporting virtual machines.<\/p>\n<p>Although no devices directly controlling industrial equipment were touched, the loss of the virtualization layer removed operator visibility and control. This resulted in operational delays until the systems were rebuilt.<\/p>\n<p>Ransomware groups were also able to maintain&#8230;<\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/rise-in-ransomware-targeting\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Significant Rise in Ransomware Attacks Targeting Industrial Operations https:\/\/www.infosecurity-magazine.com\/news\/rise-in-ransomware-targeting\/ Publish Date: 2026-02-17 07:50:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":214462,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/edf23d2b-358c-4cdc-b0c2-c68dab98fe23.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,36,32,25],"class_list":["post-214461","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-infostealer","tag-malware","tag-phishing"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214461"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=214461"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214461\/revisions"}],"predecessor-version":[{"id":214463,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214461\/revisions\/214463"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/214462"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=214461"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=214461"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=214461"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}