2025年勒索软件态势概览报告 RANSOMWARE overview 2025 Anticipating a cyber secure world

Anticipatingacybersecureworld

RANSOMWAREoverview2025

MalwareAnalysis-Lab522

Disclaimer:ThisreporthasbeenpreparedbyS2GRUPOfor

informationandprofessionalpurposes.Itscontentisprotected

byintellectualpropertyrightsandreflectsthecompany’sanalysisandexpertknowledgeoftheransomwarelandscape.Itsreading

anduseisauthorisedexclusivelyinprofessionalorinstitutional

environments.Itsreproduction,modificationoruseforcommercialpurposesisprohibitedwithoutpriorwrittenauthorisationfrom

S2GRUPO.

3S2GRUPO

Executive

Introduction

Inacontextofgrowinggeopoliticalinstability,technological

tensionandacceleratedthreatevolution,ransomwarehas

consolidateditsroleasakeytoolfordisruptionandextortionincyberspace.Whatbeganasanopportunisticcriminaltechnique

hasbecomeastructuralthreatthatcombineseconomic,strategicandpoliticalinterests.

Thisreport,preparedbyS2GRUPO’sLAB52team,analysesthe

mainactiveransomwaregroups,theirrecentevolution,emergingtactics,aswellasthemostaffectedsectorsandregions.ItalsoprovidesacriticalreadingonIT/OTconvergenceanditsimpact

oncriticalinfrastructuresinEuropeandLatinAmerica,whichareincreasinglyexposedtotargetedattacks.

Beyondthetechnicalcompilation,thedocumentprovideskeysforanticipationandresponsewithacomprehensiveapproach:

fromgeopoliticalanalysisandtheevolutionoftheRansomware-as-a-Service(RaaS)model,tothenecessarycapabilitiestoresist,containandrecovereffectively.Thisfull-cycleapproachalso

guidesS2GRUPO’sapproachtoprotectionandresilience.

Wehopethisreportwillhelpdecision-makersbetterunderstandtherisk,identifyrelevanttrendsandstrengthentheircyber

securitystrategiesinthefaceofanever-mutatingthreat.

MalwareAnalysis-Lab524

TableofContents

1.Strategicoverviewofransomware6

1.1.Introduction:Ransomwareasastructuralthreat6

1.2.Emergingrisksinindustrialenvironments10

1.3.Conclusionoftheblock11

2.2024-Thefallandriseofnewgroups

12

2.1.Reconfiguringthecriminalecosystem

13

2.2.Ransomwareanditsevolution

14

2.3.Globalcasualtydatafor2024

15

2.4.ImpactgroupsinEUmemberstates

20

2.5.ImpactgroupsinLatinAmerica

22

2.6.Emergingimpactgroupsduring2024

26

3.Trends202542

3.1.Ransomwareduring2025firstquarter43

3.2.ChangesduringApril202546

3.3.Countrieswiththehighestnumberofvictims47

3.4.MostaffectedsectorsandOperationalTechnology(OT)52

4.Protectionandresponsetoransomware58

4.1.Essentialrecommendationstoprotectyourselffrom59

ransomware

4.2.Specificsolutionstocoverthewholecycle63

4.3.ComprehensiveDefenceStrategy65

5.Conclusions67

6.AboutS2GRUPO70

MalwareAnalysis-Lab526

Strategic

BLOCK1

overviewofransomware

7S2GRUPO

1.1Introduction:

Ransomwareasastructuralthreat

Ransomwarerepresentsoneofthemostseriousandwidespreadcyberthreatsofthedigitalage,affectingbothindividualsand

organisationsofallsizesandsectors.Thisreport,asinpreviouseditions,analysestheevolutionofthistypeofthreat,takingintoaccountboththetechnologicalandthegeopoliticalcontext.

Indeed,geopoliticaleventscanhaveadirectimpactontheriseofransomwareattacks.Cyberattackshavebecomeacommontoolofhybridwarfare,acontinuationofconflictbyother,lessdirectmeans,inthiscase,cyber.Ransomwaregroupsneednotdirectlyclaimapoliticalcause,butcansimplyselectastrategictarget-

suchascriticalinfrastructureorasensitivecompany-tosendamessage.

Ransomware-atypeofmalwarethatpreventsaccessto

theaffectedsystem’sdata,usuallybymeansofencryptionalgorithms.Theactorsbehindthistypeofattackusually

demandaransompayment-usuallyincryptocurrencies-forrecovery.

Thesophisticationofransomwarecampaignshasevolved

dramatically,nolongerjustrandomattacks,buttargeted

operationsusingadvancedsocialengineeringtechniques,

exploitationofunpatchedvulnerabilitiesandlateralmovement

withincorporatenetworks.Asindicatedinpreviousreportsontheransomwarelandscape1,inrecentyears,AdvancedPersistent

Threat(APT)groups,traditionallyfocusedoncyberespionage,incorporateransomwareasanadditionaltool2,combining

economicobjectiveswithstrategicorgeopoliticalgoals.

1

https://s2grupo.es/panorama-del-ransomware-2024/

2

/us/about/newsroom/corporate-blog/state-aligned-apt-groups-are-increasingly

-deploying-ransomware-and-thats-bad-news-for-everyone/

MalwareAnalysis-Lab528

9S2GRUPO

Forexample,theRussiangroup(APT44)hasusedransomware

notforransom,butasameanstodestroydataintargetedattacksagainstcriticalinfrastructureinUkraineandPoland,insupportofRussia’swarefforts3.InthecaseofNorthKorea,groupssuch

asMoonstoneSleethavedeployedcustomransomware,such

asFakePenny,withtheaimofstealingsensitiveinformation

andgeneratingillicitrevenuesthatfundstateactivities.Itis

estimatedthatbetween2017and2023,thesestrategiesgeneratedcloseto$3billioninillicitprofits4.Inaddition,Chinese-alignedAPTgroups,suchasChamelGang,haveusedransomwaretocoverupcyberespionageoperations,destroyingevidenceofdatatheftandmakingitdifficulttoattributeattacks5.

TheseandotherAPTgroupsoftenhaveampleresources,timeandcapabilitiestocarryouthighlytargetedandcoordinated

attacks,leveragingtheiraccesstocriticalinfrastructuretomaximisetheimpactofransomware.

Inturn,ransomwaregroups-andmorespecificallythose

operatingundertheRansomwareasaService(RaaS)model-

havebeenabletolearnfromthemalwareavailablethroughpublicsourcesorthroughinformationleaksfrommoreadvancedgroups,toimprovetheiroffensivecapabilities.Allthis,togetherwithtoolssuchasArtificialIntelligence,whichallowsnotonlytoboostthegenerationorimprovementofmalwarecode,butalsotoboost

phishingcampaigns,createsaperfectscenarioforransomwaretocontinuetobeprofitable,effectiveandlong-lasting.

RansomwareasaService-amodelinwhichcybercriminals

rentransomwaretootheractorsinexchangeforashareoftheransom,orsomeothertypeofagreementbetweenthepartiesinvolved.Itallowsevennon-technicaluserstolaunchattacks,facilitatingthespreadofransomwareonalargescale.

Thedamageofasuccessfulattackgoesfarbeyonddataleakage,itcaninvolvethecompleteshutdownofcriticaloperations,lossofrevenue,reputationaldamageandpersonaldatabreaches.Inaddition,atrendalreadynotedthroughpreviousreportsisthatmodernvariantsnotonlyencryptfiles,butalsostealinformationbeforedoingso,addinganadditionallayerofextortion:thethreattopubliclyleakdataiftheransomisnotpaid.Thisdualstrategy

inclinesmanyvictimstogiveintoblackmail,fuellingaprofitablecriminalmodelthatcontinuestogrow.

3

/article/574455/apt-groups-use-ransomware-ttps-as-cover-for-intelligence

-gathering-and-sabotage.html

4

https://www.itdigitalsecurity.es/infraestructuras-criticas/2025/01/grupos-apt-alineados-con-gobiernos

-despliegan-cada-vez-mas-ransomware

5

https://www.itdigitalsecurity.es/infraestructuras-criticas/2025/01/grupos-apt-alineados-con-gobiernos

-despliegan-cada-vez-mas-ransomware.

MalwareAnalysis-Lab5210

1.2

Emergingrisksinindustrial

environments

Ofparticularconcernareattacksaffectingtheindustrial

sector,andcriticalinfrastructureinparticular.Inrecentyears,

ransomwareattackshaveevolvedsignificantlyfrombeingthreatsdirectedexclusivelyattheITenvironmenttobecomingadirect

andcriticalthreattoOperationalTechnology(OT)environments.TheconvergenceofITandOTnetworks,coupledwithlegacy

systemsandinsufficientprotections,hasopenedupnew

opportunitiesforcybercriminals.Thisissueisalsohighlightedinthisreport,alongwithsomeexamplesofransomwaretargetingcriticalinfrastructure.

Despitetheeffortsofauthoritiesandthecybersecuritycommunitytopreventandmitigatetheseattacks,ransomwarealsothrivesontheanonymityaffordedbycryptocurrenciesandthedifficulty

oftrackingdowntheactorsresponsible,manyofwhomoperatefromjurisdictionsoutsideinternationalcooperationcircles.

11S2GRUPO

block

1.3Conclusionofthe

Ransomwarecannolongerbeaddressedasamere

technicalproblem,buthasbecomeastructuralchallengeofnationalsecurity,organisationalresilienceand

economicstability.Combatingthisthreatrequiresa

comprehensivestrategythatcombinestechnological

prevention,usereducation,proactivedetection,

coordinatedincidentresponseandinternational

collaborationbetweengovernments,businessesandcyberintelligencecentres.

But,aboveall,itrequiresathoroughunderstandingofitsevolutioninordertoanticipateitsnextmovesandcontainitsimpact.

MalwareAnalysis-Lab5212

BLOCK2

Thefallandriseofnewgroups

13S2GRUPO

2.1

Reconfiguringthecriminal

ecosystem

Theransomwareecosystemin2024hasbeenmarkedby

highvolatility.Thedismantlingofdominantgroups,internal

fracturesamongaffiliatesandtheemergenceofnewallianceshaveresultedinareconfigurationofthecriminalmaponaglobalscale.

Thisshiftinbalancedoesnotimplyareductioninthethreat,

butrathertheopposite:itdemonstratesitsabilitytoadapt

andresilience.TheRansomware-as-a-Service(RaaS)model

continuestooperateasanexpandingcriminalmarket,where

talent,codeandcompromisedaccessarequicklybought,soldandrecycled.

MalwareAnalysis-Lab5214

itsevolution

2.2Ransomwareand

Figure1summarisesthenumberofknownglobalvictimsreportedbyransomwaregroupsin2023,2024andthefirstquarterof2025.Thegroupsshownarechosenbasedonthetotalnumberofvictimsaddingupoverthesetimeranges.Thesepeaksandtroughs,

particularlyforthegroupswiththehighestimpacttodate,haveapossibleexplanationinthedatashownthroughoutthisreport.

Thefirstnoteworthyelementisthedecreaseinthenumberofglobalvictims,withadropofaround15%between2023and

2024.ThisisduetothefallofLockBitasthepredominantgroup,followinginterventionsagainstthegroupthankstointernationalcollaboration.

Evenso,itissignificanttonotethatCl0p,aprominentgroupin2023anddecliningin2024,isonceagainpositioningitselfasarelevantplayerinthecurrentlandscape,withaverynotableincreaseinthenumberofvictimssofarin2025.

ThefallofBlackCat(ALPHV)isalsoworthanalysing:itsdemisehasadirectimpactontheriseofRansomHub,agroupthat

emergedin2024andwillalsohaveastrongimpactinthefirstquarterof2025.

ThisimpactisalsonoticeableinAkira,whichafterasustained

presencein2023,increasesitsactivityin2024andsofarin2025alreadyequalsitsrecordsofthepreviousyear.

1400

1200

1000

800

600

400

200

0

202320242025-Q1

Figure1.Comparisonofgroupeddataonransomwarevictims:2023-2024andQ1-2025.

Source:LAB52

15S2GRUPO

2.3

OthernotablegroupsareHuntersInternational(October2023)andPlay(June2022),whichalsoplayedanimportantroleduring2024,andarestillactiveorganisations.Althoughitistooearly

toassesswhatwillhappenduring2025,thepictureishighly

interestingfromthepointofviewofanalysingcyberintelligenceactivity,withanumberofreputablegroupscompetingformoreaffiliateswithagreatdiversityintermsoftheirdeployment

techniques.

Globalcasualtydatafor2024

Theaggregateddataofknowncasualtiesworldwideduring2024,brokendownbymonth,isshowninFigure2.Thereareupsand

downsthroughouttheyear,althoughthehighestactivityisseenduringMayandthelastquarter.

700

600

500

400

300

200

100

0

January

February

March

April

May

June

July

August

September

October

November

December

Figure2.Globalcasualtydata-2024.Source:LAB52

ThisactivityisbrokendownbyransomwaregroupsasshowninFigure3.ItcanbeseenthatRansomHub,LockBit,Play,AkiraandHuntersInternationaloccupythetopfiveinthislist.Thisactivityisbrokendownbyransomwaregroup,asshowninFigure3.It

canbeseenthatRansomHub,LockBit,Play,AkiraandHuntersInternationalmakeuptheTop5inthislist.

Inparticular,itisworthnotingthatthetableshaveturned

betweenLockBitandRansomHub:whileLockBitleadsinthefirsttwoquarters,itisRansomHubthatconcentratesmorevictimsinthenexttwoquarters,thusreversingthepositions.

MalwareAnalysis-Lab5216

ransomhub

lockbit3

play

akira

hunters

medusa

blackbasta

qilin

bianlian

incransom

8base

blacksuit

killsec

meow

cactus

dragonforce

rhysida

clop

fog

lynx

raworld

cloak

funksec

apt73

ElDorado

sarcoma

arcusmedia

ransomhouse

darkvault

safepay

alphv

600

500

400

300

200

100

0

T1-WT2-WT3-WT4-W

Figure3.Globalcasualtydatain2024brokendownbyransomwaregroup.Source:LAB52

17S2GRUPO

Intermsofthecountriesmostaffectedbyransomware,theUnitedStatescontinuestobethecountrymostimpactedbythisthreat.ItisfollowedbyCanada,theUnitedKingdom,GermanyandItaly.Spaincurrentlyranksninth,whileBrazil,inseventhposition,is

thefirstLatinAmericancountryonthelist.

3%

3%

5%

United

5%

Canada

UnitedStates

Italy

Germany

Kingdom

Israel

Belgium

Mexico

NetherlandsSwitzerland

Brasil India SpainAustralia

France

3%

Other14%

2%

1%

53%

Switzerland

2%

3%

Netherlands

6%

Kingdom

6%

16%

7%

%

Canada

16%

Mexico3%

United

India

BrasilGermany

7%10

Belgium

3%Israel

4%

Australia

Spain

France

Italy

8%9%

Figure4.Percentageofcasualtiesbycountry-2024.Source:LAB52

MalwareAnalysis-Lab5218

Intermsofthemosttargetedsectors,themanufacturingsectortopsthelist,followedbyhealthservicesandtheconstruction

sector.Thisdistributionclearlyreflectstheimpactofransomwareoncriticalindustries,bothforcitizensandfortheeconomicandproductivefabric.

Retail

Legal

4%

4%

5%

6%

51%

8%

Technology

Construction

HealthCare

Manufacturing

Education

4%

ConsumerServices4%

Other

14%

Figure5.Percentageofaffectedsectors-2024.Source:LAB52

Figure6showshowthemanufacturingsectorhasbeentargetedbythefourgroupswiththemostvictimsduring2024:LockBit,RansomHub,PlayandAkira.Allofthemkeepitasthefirsttarget,albeitindifferentorder.Thehealthsector,ontheotherhand,

hasnotbeenparticularlytargetedbyPlayorAkira.ItisalsonoteworthythatHuntersInternationalranksseventhinbothsectors.

19S2GRUPO

Manufacturing

qilin

3%

4%

cactus

6%

36%

7%

7%

12%

ransomhub9%

play

blackbasta

akira

medusa

3%

hunters

4%

lockbit3

8base

Other

9%

HealthCare

blacksuit

medusa

5%

4%

5

5%

40%

5%

7%

everest

Other

qilin

incranson

bianlian7%

ransomhub

killsec

5%hunters

%

lockbit3

8%9%

Figure6.Top-10groupstargetingManufacturingandHealthsectors.Source:LAB52

MalwareAnalysis-Lab5220

2.4

ImpactgroupsinEUmemberstates

IfonlyEUmemberstatesaretakenintoaccount,Figure7givesamoreaccuratepicturewhere,inadditiontothecountriesintheglobaltop-10(Germany,Italy,FranceandSpain),Belgium,theNetherlands,SwedenandPolandalsostandout.

200

180

160

140

120

100

80

60

40

20

0

Figure7.CasualtydatainEUmemberstates-2024.Source:LAB52

21S2GRUPO

Forthesecountries,thescenariointermsofleadinggroups

alsodi仟ers.LockBitandRansomHubremainatthetop,while

Akiraranksfourth.However,inthiscontext,Playisnotthethirddominantgroup,despiteitsrelevanceinthefirstquarteroftheyear.ItshouldalsobenotedthatthefocusonEUcountriesdoesnotincludedatafortheUK,whichisverysignificantonaglobalscale.

120

100

80

60

40

20

0

T1-EUT2-EUT3-EUT4-EU

Figure8.EUmemberstatedataonvictimsin2024brokendownbyransomwaregroup.Source:LAB52

MalwareAnalysis-Lab5222

IntermsofthemostaffectedsectorsintheEU,manufacturing,healthandconstructionremainatthetopofthelist,whichisinlinewithglobaltrends.

RetailConsulting

3%

3%

5

5%

48%

5%

5%

Unknown3%

Other

HealthCare

Manufacturing

Technology%

ConsumerServices

Construction

4%

Food

19%

Figure9.PercentageofaffectedsectorsinEUmemberstates-2024.Source:LAB52

2.5

ImpactgroupsinLatinAmerica

ThefiveLatinAmericancountrieswiththemostvictimsregisteredduring2024areBrazil,Mexico,Argentina,ColombiaandPeru.

AlthoughthisregionhasalowervolumeofcasescomparedtotheEU,itsanalysisiskeytoidentifyregionalpatternsandoperationaldifferences.

23S2GRUPO

MalwareAnalysis-Lab5224

140

120

100

80

60

40

20

0

Figure10.CasualtydatainLatinAmerica-2024.Source:LAB52

Forexample,thereisagreatergapbetweenthenumberofvictimsattributedtoRansomHubandLockBit.ThePlaygroup,relevant

inEurope,losesweightintheregion,whileArcusMedia,identifiedduring2024,standsoutforitsactivityinLatinAmerica.Other

familieswithsignificantimpactintheregionincludeAPT73,FunSecandSarcoma.

70

60

50

40

30

20

10

0

T1-LTT2-LTT3-LTT4-LT

Figure11.LatinAmericandataonvictimsin2024brokendownbyransomwaregroup.Source:LAB52

25S2GRUPO

Intermsofthemosttargetedsectors,manufacturing,retailandhealthpredominate.Immediatelyafter,attacksongovernment

institutionsstandout,whichisevidenceofapossiblepoliticalmotivationinsomecases.

Logistics

4%

Telecommunications3%

5%

5%

52%

6%

6

HealthCare

Retail%

Manufacturing

Government

Other

Finance

5%

Technology

Food

4%

10%

Figure12.PercentageofaffectedsectorsinLatinAmerica-2024.Source:LAB52

MalwareAnalysis-Lab5226

RansomHub

2.6

Emergingimpactgroupsduring

2024

Asusual,thefallofsomedominantgroupsallowsothersto

takeover.Inthissense,itisusefultoanalysewhichgroupshaveemergedduring2024,alwaysunderthecriterionoftheimpactrecorded,measuredintermsofthenumberofvictimscaused.

RansomHub

AppearinginFebruary2024,RansomHubquicklyestablisheditselfasthemostactivegroupoftheyear,evensurpassingLockBitintermsofattackvolume,followinglawenforcementinterventionsthatcorneredthelatter.

ItoperatesundertheRansomwareasaService(RaaS)model,witharansomdistributionof90%toaffiliatesand10%tothecoregroup.Itstools,writteninGolangandC++,enablefastandeffectiveattacksonWindows,LinuxandESXisystems.

RansomHubavoidsattackingorganisationsinCommonwealthofIndependentStates(CIS)countries,Cuba,NorthKorea,Chinaandnon-profitentities,followingthetraditionalRussianransomwaremodel6.ItshouldbenotedthatthesestateshavestrongpoliticalandeconomictieswithRussia,whichwouldexplaintheirexclusionasfrequenttargets.

6

https://www.xpoint.cl/ransomware/los-nuevos-grupos-de-ransomware-que-estan-sacudiendo-2025/

27S2GRUPO

AnalystsconsiderRansomHubtobeanevolutionorsuccessortotheKnightgroup,formerlyknownasCyclops,havingacquireditssourcecodetoaccelerateitsoperations7.

Sinceitsemergence,ithasbeenresponsibleforencryptingandexfiltratingdataonhundredsofvictimsinsectorssuchas:

>Waterandwastewaterservices>Informationtechnology

>Governmentandemergencyservices>Publichealthandagriculture

>Financialservicesandcriticalmanufacturing>Transportandcommunications

RansomHub

Inaddition,ithasexploitedcriticalvulnerabilitiessuchasCitrixADC(CVE-2023-3519)andFortinetFortiOS(CVE-2023-27997)togaininitialaccess,usingtoolssuchasMimikatztoescalateprivileges8.

ItsemergencecoincideswiththedismantlingofALPHV/

BlackCatandLockBit,whichtriggeredamigrationofaffiliatestoRansomHub.ThistransitionwasdrivenbyeventssuchastheBlackCatscaminMarch20249,whichforcedmanyoperatorstolookfornewplatforms10.

RansomHubhasdemonstrateddiversityinitsdeployment

techniques,whichcouldbeexplainedbytheheterogeneityofitsaffiliates,asobservedbyLAB5211.

Insummary,RansomHubemergesasasignificantthreatintheransomwarelandscape,notableforitsrapidexpansion,technicalsophisticationandabilitytoaggregateaffiliatesfromdisbandedgroups.

7

/2025/02/ransomhub-grupo-activo-principal-ransomware-2024.html

8

/es/grupos-de-ransomware/los-retos-que-plantean-los-nuevos-grupos-de

-ransomware-ransomhub-en-la-linea-de-fuego/

9

/news/security/blackcat-ransomware-shuts-down-in-exit-scam

-blames-the-feds/

10

/anthology/ransomhub/

11

https://lab52.io/blog/ransomhub/

MalwareAnalysis-Lab5228

FunkSec

FunkSecisanemergingransomwaregroupthatemergedin

late2024andquicklyrosetoprominenceduetoitsactivity.

InDecember,itpublishedinformationonmorethan85victims,makingitthemostactivegroupofthemonth12.

Thisgroupusesartificialintelligence(AI)toolstodevelopitsmalware,allowinginexperiencedactorstocreateandimproveadvancedtoolsinanacceleratedmanner.ItoperatesundertheRaaSmodelandemploysdoubleextortiontactics:itcombinesdataencryptionwiththethreatofdisclosureofexfiltrated

informationtopressurevictims.

Inaddition,FunkSechasshownlinkstohacktivism,aligningitselfwithmovementssuchasFreePalestineandformercollectives

suchasGhostAlgeria,knownfortheirpoliticalactivismagainstIsrael’spoliciesandcolonialism.

Withthisideologicalalignment,FunkSeccouldbepromotingtheinterestsofthoseterritoriesorcollectivesaffectedbythewar

betweenIsraelandHamas.Theransomwaregroup’salignment

couldalsorepresentachallengetoglobalpowers,especiallythoseinvolvedinMiddleEastandNorthAfricanpolitics,suchasthe

UnitedStates13,acountrytowhichitdirectedseveralcyberattacks.ItsvictimsalsoincludeothercountriessuchasSpain,which

FunkSec

couldbelinkedtoachangeinthegovernment’spolicytowardstheSahara.However,itcouldalsobeduetochance.

FunkSecrepresentsanewtypeofhybridactorbetween

cybercrimeandpoliticalactivism,makingitaparticularlyunpredictableandmedia-disruptivegroup.

12

https://www.itdigitalsecurity.es/endpoint/2025/01/funksec-un-nuevo-grupo-de-ransomware-que

-utiliza-el-desarrollo-de-malware-asistido-por-ia

13

/2025/funksec-alleged-top-ransomware-group-powered-by-ai/

29S2GRUPO

Lynx

Lynxemergedinmid-2024asanevolutionoftheINCRansomgroup,reusingitssourcecodeandenhancingitscapabilities.ItoperatesundertheRansomwareasaService(RaaS)model,targetingWindowssystemsandusingdoubleextortion

techniques14.

During2024,ithastargetedanumberofglobalsectors,including:

>Energy

>Manufacturing

>