By Chinenye Anuforo


Sophos, a cybersecurity solutions company, has unveiled alarming findings from its “State of Ransomware in Critical Infrastructure 2024” report. The survey, conducted among 275 organizations in the energy, oil and gas, and utilities sectors, found that the median recovery cost of a ransomware attack in these sectors quadrupled to $3 million in 2024, four times the global cross-sector median.

The report also highlighted how exposed these critical infrastructure sectors are: 49% of the ransomware attacks they suffered began with the exploitation of a vulnerability.

“The energy and water sectors are facing an unprecedented level of cyber risk,” said Chester Wisniewski, global field CTO at Sophos. “Unfortunately, public utilities are not only attractive targets but vulnerable to attacks on many fronts, including the requirement for high availability and safety, as well as an engineering mindset focused on physical security. There’s a preponderance of older technologies configured to enable remote management without modern security controls like encryption and multifactor authentication. Like hospitals and schools, these utilities are frequently operating with minimal staffing and without the IT staffing required to stay on top of patching, the latest security vulnerabilities and the monitoring required for early detection and response.”

On top of growing recovery costs, the median ransom payment for organizations in these sectors jumped to more than $2.5 million in 2024, $500,000 higher than the global cross-sector median.


The energy and water sectors also reported the second highest rate of ransomware attacks of any industry surveyed. Overall, 67% of the organizations in these sectors reported being hit by ransomware in 2024, compared with the global cross-sector average of 59%.

Other key findings include increasingly longer recovery times in the energy and water sectors. “Only 20% of organizations hit by ransomware were able to recover within a week or less in 2024, compared to 41% in 2023 and 50% in 2022. Fifty-five percent took more than a month to recover, up from 36% in 2023. In comparison, across all sectors, only 35% of companies took more than a month to recover”, the report stated.

The report also showed that these critical infrastructure sectors reported the highest rate of backup compromise (79%) and the third highest rate of successful data encryption (80%) of the industries surveyed.

Despite the rising costs and increasing frequency of attacks, the report underscored that paying a ransom does not resolve the problem. Although 61% of affected organizations paid the ransom, paying was not associated with faster recovery times.

Sophos urged energy and water organizations to prioritize cybersecurity measures, including vulnerability management, 24/7 monitoring, and robust incident response plans. “By investing in these areas, organizations can significantly reduce their risk of falling victim to ransomware attacks and minimize the impact of such incidents”, Sophos advised.