Reviewing the Ransomware Landscape in Key Infrastructure 2024
Examining the most recent annual study from Sophos on the practical encounters with ransomware in the energy, oil/gas, and utilities field – a fundamental component of the vital structures backing enterprises – delves into the entire journey of victims, from the frequency of attacks and main cause to the operational consequences and business results.
This year’s dossier illuminates novel areas for investigation within this domain, encompassing a comparison between ransom requests and payments and the frequency with which energy, oil/gas, and utilities entities seek assistance from law enforcement agencies to rectify the incursion.
Retrieve the report to obtain the comprehensive discoveries.
Persistence of Attacks and Recuperation Rates
In 2024, 67% of energy, oil/gas, and utilities establishments encountered ransomware, mirroring the attack rate recorded in 2023.
In the past year, 98% of energy, oil/gas, and utilities entities hit by ransomware remarked that the cyber attackers attempted to infiltrate their backups during the assault. Four out of every five (79%) of these attempts to compromise the backups were successful, marking the highest success rate of backup compromise within all sectors.
In 2024, 80% of ransomware incidents affecting energy, oil/gas, and utilities ventures led to data encryption, in harmony with the encryption rate disclosed by this field in 2023 (79%) but surpassing the 2024 average across all sectors of 70%.
The average cost for energy, oil/gas, and utilities organizations to recover from a ransomware incident was $3.12M in 2024, akin to the $3.17M documented in 2023.
Devices Impacted During a Ransomware Assault
On average, 62% of computing devices within energy, oil/gas, and utilities are impacted by a ransomware attack, significantly higher than the average across all sectors of 49%. In contrast to other industries where only a minor portion of entities have their entire environments encrypted, about one in five energy, oil/gas, and utilities enterprises (17%) reported that 91% or more of their devices were affected.
The Decline in Utilizing Backups for Data Retrieval
In 2024, 61% of energy, oil/gas, and utilities firms opted to pay the ransom to retrieve encrypted data while only 51% restored encrypted data using backups – marking the lowest backup utilization rate reported across various sectors. It signifies the first time that these entities have reported a greater inclination towards ransom payments rather than backup deployment. Globally, 56% chose to pay the ransom, and 68% utilized backups.
This year’s observations denote a conspicuous shift from the preceding two years when the sector boasted commendable backup utilization rates (70% in 2023 and 77% in 2022).
An apparent change over the previous year is the rise in the tendency for victims to employ multiple strategies for recovering encrypted data (e.g., paying the ransom and using backups). This time, 35% of energy, oil/gas, and utilities entities with encrypted data reported using more than one approach, surpassing the 26% recorded in 2023.
Rare Occurrence of Initial Ransom Payment in Critical Infrastructure Ventures
Among the energy, oil/gas, and utilities participants whose firms made ransom payments, 86 disclosed the actual sum paid, revealing an average (median) payment of $2.5M in 2024.
Just under half (48%) of the participants stated that their payment equaled the initial demand. 26% paid less than requested, while 27% paid more.
When dissected by industry, energy, oil/gas, and utilities showcase the highest inclination to honor the attacker’s initial ransom demand. It also displays the second lowest tendency to underpay compared to the original demand.
Download the complete report for further insights into ransom payments and various other aspects.
Insights about the Survey
This publication is derived from an impartial, vendor-neutral survey initiated by Sophos of 5,000 IT/cybersecurity leaders across 14 nations in the Americas, EMEA, and Asia Pacific, including 275 from the energy, oil/gas, and utilities segment, a fundamental sector of the critical infrastructure supporting enterprises worldwide. All participants represent organizations with staff counts ranging from 100 to 5,000 employees. The survey was orchestrated by research authority Vanson Bourne between January and February 2024, with respondents reflecting on their encounters over the previous year.
About Author
