Sophos, a leader in security solutions, released the report “The State of Ransomware in Critical Infrastructure 2024.” The report revealed that median recovery costs for the Energy and Water sectors quadrupled to $3 million in the past year, four times the global median. Additionally, 49% of ransomware attacks in these sectors began with an exploited vulnerability.
The report’s data came from 275 respondents in the Energy and Water sectors, part of a broader survey of 5,000 cybersecurity leaders across 14 countries and 15 industry sectors conducted in early 2024.
“Criminals focus where they can cause the most pain and disruption so the public will demand quick resolutions and, they hope, ransom payments to restore services more quickly. This makes utilities prime targets for ransomware attacks. Because of the essential functions they provide, modern society demands they recover quickly and with minimal disruption,” said Chester Wisniewski, global Field CTO.
The median ransom payment for the Energy and Water sectors increased to over $2.5 million in 2024, $500,000 higher than the global median. These sectors also reported the second-highest rate of ransomware attacks, with 67% of organizations affected, compared to a global average of 59%.
Other key findings include:
Recovery times increased, with only 20% of organizations recovering within a week in 2024, down from 41% in 2023.
The Energy and Water sectors reported the highest rate of backup compromise (79%) and the third-highest rate of successful encryption (80%).
Wisniewski noted that paying ransoms often prolongs recovery times and encourages more attacks. He emphasized the need for proactive monitoring, 24/7 response capabilities, and regular rehearsals of incident response plans to minimize outages and improve recovery times.