Dragos Industrial Ransomware Analysis: Q1 2024

Dragos' Q1 2024 ransomware analysis reports 169 ransomware incidents impacting industrial organizations worldwide (with LockBit responsible for ~26.6% of observed events), highlights rapid exploitation of public-facing applications and zero-day vulnerabilities, notes a sectoral shift toward healthcare and ongoing law enforcement disruptions, warns of growing potential to affect OT processes despite only two variants demonstrating explicit OT-targeting (EKANS and Cl0p), and recommends ICS/OT-focused controls such as incident response planning, defensible architecture, visibility/monitoring, secure remote access, and risk-based vulnerability management.