Ransomware attacks on oil and gas companies and utilities have not subsided over the past year despite an overall decline in the number of such attacks globally, cybersecurity firm Sophos said in a new report.
Not only has the frequency of attacks on critical oil, gas, and utilities infrastructure not diminished as in other sectors, but the impact on the companies that have fallen victim to ransomware attacks has increased, according to Sophos.
The cybersecurity firm based its report, “The State of Ransomware in Critical Infrastructure 2024,” on the findings of a survey commissioned by Sophos of 5,000 IT and cybersecurity leaders across 14 countries in the Americas, EMEA, and Asia Pacific. The survey included 275 respondents from energy, oil and gas, and utilities organizations.
The survey found that the oil and gas and utilities sector reported one of the highest rates of data encryption, while the recovery time from a ransomware attack increased.
The time taken to recover from a ransomware attack is steadily increasing in energy, oil, gas, and utilities organizations, Sophos noted. The 2024 research found that 20% of ransomware victims in energy, oil/gas, and utilities were fully recovered in a week or less, down from 41% in 2023 and 50% in 2022.
Moreover, 55% of energy, oil, gas, and utilities now take more than a month to recover, up from 36% in 2023 and 19% in 2022.
“This slowdown may reflect the increased complexity and severity of attacks, necessitating greater recovery work. It may also indicate a growing lack of recovery preparation,” Sophos said in the report.
Over the past year, 61% of energy firms paid the ransom to get encrypted data back, whereas only 51% restored encrypted data using backups – the lowest rate of backup use reported across all sectors. This is the first time that energy, oil/gas, and utilities organizations have reported a higher propensity to pay the ransom than use backups, Sophos noted.
Earlier this year, the North American Electric Reliability Corporation warned that the U.S. grid’s vulnerability to cyberattacks has grown.
By Tsvetana Paraskova for Oilprice.com
