Sophos has just released its annual “The State of Ransomware in Critical Infrastructure 2024” report. In the document, cybersecurity and IT professionals from a variety of industries, including energy, oil and gas, and utilities, share their ransomware experiences. According to the company, the report sheds light on new areas of study for the sector, including an exploration of ransom demands vs. ransom payments and how often energy, oil/gas and utilities organizations receive support from law enforcement bodies to remediate the attack.
Read More: Global Tensions Fuel Cyber Threats to Critical Infrastructure
Key Takeaways
- 67% of energy, oil/gas and utilities organizations were hit by ransomware in 2024
- 98% of those organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack
- The mean cost to recover from a ransomware attack was $3.12 million in 2024
- 62% of computers in energy, oil/gas and utilities are impacted by a ransomware attack
- 61% of energy, oil/gas and utilities organizations paid the ransom to get encrypted data back, whereas only 51% restored encrypted data using backups
Survey Methodology
To obtain the data for the report, Sophos partnered with Vanson Bourne to survey 5,000 IT/cybersecurity leaders across 14 countries, which includes 275 executives from the energy, oil/gas, and utilities industries. The survey was conducted from January to February 2024, and survey participants were from organizations with 100 to 5,000 employees.
