Ransomware Group

SiegeWare

Status: active • First seen 2022-0830+ known victims

SiegeWare attacks smart buildings, threatening to turn off heating, air conditioning, elevators, and security cameras. This creates real physical danger for people in the buildings.

Overview

SiegeWare targets building automation and IoT systems, threatening to disable HVAC, elevators, and security systems unless ransoms are paid.

Target Industries

Real Estate, Hospitality, Critical Infrastructure, Commercial Buildings

How They Attack

  • Building automation targeting
  • IoT exploitation
  • Physical threats
  • OT attacks

Notable Victims

Smart buildings (2023), Hotel chains

Is your business exposed?

How to Protect Against SiegeWare

  1. 1.

    Segment IoT and building systems

  2. 2.

    Implement OT security monitoring

  3. 3.

    Maintain manual overrides for critical systems

MITRE ATT&CK Techniques

T1486, T1106, T1071, T1078

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices