The cost of dealing with a ransomware attack is skyrocketing for some industries

News
By published

Energy and Water firms are paying millions to resolve ransomware attacks

A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
(Image credit: Getty Images)

The cost of recovering from ransomware attacks has quadrupled for organizations in  critical infrastructure industries, with the median recovery cost for such organizations hitting $3 million in 2024, a new report from Sophos has claimed.

Its survey of 5,000 cybersecurity and IT leaders across 14 countries and 15 industries claims the $3 million figure is four times higher than the global cross-section median.

 Furthermore, half (49%) of ransomware attacks against these two critical infrastructure sectors started with an exploited vulnerability, suggesting that the firms were sloppy when it comes to keeping hardware and software up to date.

Software and hardware flaws

“Criminals focus where they can cause the most pain and disruption so the public will demand quick resolutions, and they hope, ransom payments to restore services more quickly. This makes utilities prime targets for ransomware attacks. Because of the essential functions they provide, modern society demands they recover quickly and with minimal disruption,” said Chester Wisniewski, global Field CTO.

Wisniewski also discussed the fact that many attacks started with a vulnerability, arguing that critical infrastructure firms are pushing older tech into contemporary MOs, without addressing risks: “There’s a preponderance of older technologies configured to enable remote management without modern security controls like encryption and multifactor authentication,” he added. “Like hospitals and schools these utilities are frequently operating with minimal staffing and without the IT staffing required to stay on top of patching, the latest security vulnerabilities and the monitoring required for early detection and response.”

Besides growing recovery costs, the median ransom payment for organizations in these two sectors also jumped to more than $2.5 million in 2024, which is $500,000 higher than the global cross-sector median, Sophos further explained. 

The Energy and Water sectors reported the second highest rate of ransomware attacks, with two-thirds (67%) of the organizations in these sectors reported being hit this year 2024. The global, cross-sector average is 59%.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Bad news - businesses who pay ransomware attackers aren’t very likely to get their data back
Security padlock in circuit board, digital encryption concept
Rising cost of breaches forces organizations to rethink cybersecurity
security
The true cost of a security breach
Latest in Security
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Latest in News
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
Marvel Rivals
Marvel Rivals will get two new hero skins for Moon Knight and Black Panther this week meaning I'll now need to farm even more Units
Netflix Ads
Netflix adds HDR10+ support – great news for Samsung TV owners, but don't expect LG and Sony to do the same any time soon
Klipsch Klipschorn AK7 in a room with lots of dark wood furniture and a bare brick wall
Klipsch just updated two of its most iconic stereo speaker designs, keeping these beautiful retro icons on your most-wanted list
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?
More about security
Code Skull

Interpol operation arrests 300 suspects linked to African cybercrime rings
An abstract image of a lock against a digital background, denoting cybersecurity.

Critical security flaw in Next.js could spell big trouble for JavaScript users
The Surface Laptop 7 on a cyan background with a TechRadar deals badge.

This Windows laptop is 31% off in Amazon's Spring Sale and we scored it 5 stars – so why is Amazon putting a warning label on it?
See more latest
Most Popular
Marvel Rivals
Marvel Rivals will get two new hero skins for Moon Knight and Black Panther this week meaning I'll now need to farm even more Units
Klipsch Klipschorn AK7 in a room with lots of dark wood furniture and a bare brick wall
Klipsch just updated two of its most iconic stereo speaker designs, keeping these beautiful retro icons on your most-wanted list
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
A close up of the PlayStation symbol at the top of a PS5 Slim console with a white brick background
Sony has dropped a new PS5 update, improving activities and adding more emoji support
Netflix Ads
Netflix adds HDR10+ support – great news for Samsung TV owners, but don't expect LG and Sony to do the same any time soon
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?
Google Pixel 9a being held, from the back
The Google Pixel 9a’s mysterious delay may have just been explained
Nintendo Sound Clock: Alarmo
Nintendo Sound Clock: Alarmo gets new update with more customizable features ahead of the Switch 2 Direct
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price