fbpx
Techitup Middle East
B2B TechnologyCybersecurity

Sophos: The State of Ransomware in Critical Infrastructure 2024

Sophos, today released a sector survey report, “The State of Ransomware in Critical Infrastructure 2024,” which revealed that the median recovery costs for two critical infrastructure sectors, Energy and Water, quadrupled to $3 million over the past year. This is four times higher than the global cross-sector median. In addition, 49% of ransomware attacks against these two critical infrastructure sectors started with an exploited vulnerability. 

Data for the State of Ransomware in Critical Infrastructure 2024 report comes from 275 respondents at energy, oil and gas, and utilities organizations, which fall under the Energy and Water sectors of CISA’s 16 defined critical infrastructure sectors. The results for this sector survey report are part of a broader, vendor-agnostic survey of 5,000 cybersecurity/IT leaders conducted between January and February 2024 across 14 countries and 15 industry sectors. 

On top of growing recovery costs, the median ransom payment for organizations in these two sectors jumped to more than $2.5 million in 2024—$500,0000 higher than the global cross-sector median. The Energy and Water sectors also reported the second highest rate of ransomware attacks. Overall, 67% of the organizations in these sectors reported being hit by ransomware in 2024, in comparison to the global, cross-sector average of 59%. 

Other findings from the report include: 

  • The energy and water sectors reported increasingly longer recovery times. Only 20% of organizations hit by ransomware were able to recover within a week or less in 2024, compared to 41% in 2023 and 50% in 2022. Fifty-five percent took more than a month to recover, up from 36% in 2023. In comparison, across all sectors, only 35% of companies took more than a month to recover  
  • These two critical infrastructure sectors reported the highest rate of backup compromise (79%) and the third highest rate of successful encryption (80%) when compared to the other industries surveyed 

 
Read the full State of Ransomware in Critical Infrastructure on Sophos.com.  

Related posts

Tenable Introduces Web App & API Scanning in Nessus Expert

Editor

Acronis Announces New Cyber Cloud Data Center in Dubai

Editor

Dataiku: Only 20% Senior IT Leaders Use GenAI in Production 

Editor

Leave a Comment