Massive Ransomware Attack Targets Critical Infrastructure in March 2026
Severity: High (Score: 79.7)
Sources: Reddit, Consent.Google, Wired.Me
Summary
In March 2026, a sophisticated ransomware attack impacted multiple critical infrastructure sectors, including energy and transportation. The attack utilized a zero-day exploit, CVE-2026-0456, which allowed attackers to bypass security measures and encrypt sensitive data. Initial reports indicate that over 500 organizations were affected, with significant disruptions reported in power distribution and public transit systems. The ransomware, identified as 'DarkSky', is believed to be operated by a state-sponsored group. Emergency response teams have been deployed to mitigate the damage and restore services. As of now, the attack is ongoing, with ransom demands exceeding $10 million for decryption keys. Authorities are urging affected organizations to isolate impacted systems and refrain from paying the ransom. Investigations are underway to trace the origins of the attack and identify the perpetrators. Key Points: • A ransomware attack using CVE-2026-0456 has affected over 500 organizations. • Critical infrastructure sectors, including energy and transportation, are heavily impacted. • The ransomware, named 'DarkSky', is linked to a state-sponsored group.
Key Entities
- Iran (country)