The median recovery costs for the energy and water sectors has risen by to $3 million over the past year, four times higher than the global cross-sector median recovery cost.
Highlighted in the report by cybersecurity provider Sophos entitled “The State of Ransomware in Critical Infrastructure 2024,” this figure reflects the increasing financial burden on these critical industries.
Additionally, the report indicates that 49% of ransomware attacks against these sectors began with an exploited vulnerability, emphasizing the need for improved security measures.
In the same report, the median ransom payment demanded from organizations in the energy and water sectors has increased to over $2.5 million in 2024, $500,000 higher than the global median.
Both of these sectors also reported the second highest rate of ransomware attacks, with 67% of organizations affected in 2024, compared to a global average of 59%.
Following a ransomware attack, 55% of these organizations took more than a month to recover, an increase from 36% in the previous year, indicating a troubling trend in recovery efficiency.
Challenges in recovery are also suggested by the fact that the energy and water sectors reported the highest rate of backup compromise at 79%, along with the third highest rate of successful encryption at 80%.
“Criminals focus where they can cause the most pain and disruption so the public will demand quick resolutions, and they hope, ransom payments to restore services more quickly. This makes utilities prime targets for ransomware attacks. Because of the essential functions they provide, modern society demands they recover quickly and with minimal disruption,” said Chester Wisniewski, global Field CTO.
Wisniewski explained that public utilities are not only attractive targets but vulnerable to attacks on many fronts, including the requirement for high availability and safety, as well as an engineering mindset focused on physical security.
“There’s a preponderance of older technologies configured to enable remote management without modern security controls like encryption and multi-factor authentication. Like hospitals and schools these utilities are frequently operating with minimal staffing and without the IT staffing required to stay on top of patching, the latest security vulnerabilities and the monitoring required for early detection and response,” he remarked.
Data on recovery costs and ransomware attacks on the energy and water sectors is gathered from 275 respondents under the public utilities sector and is part of a broader study involving 5,000 cybersecurity and IT leaders conducted between January and February 2024 across 14 countries and 15 industry sectors.
