The cost of dealing with a ransomware attack is skyrocketing for some industries

A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
(Image credit: Getty Images)

The cost of recovering from a ransomware attack has quadrupled for critical infrastructure organizations in the energy and water sectors, with the median recovery cost for such organizations reaching $3 million in 2024, according to a new report from Sophos.

Its survey of 5,000 cybersecurity and IT leaders across 14 countries and 15 industries found the $3 million figure to be four times the global cross-sector median.

Furthermore, roughly half (49%) of ransomware attacks against these two sectors (energy and water) started with an exploited vulnerability, suggesting that patching of hardware and software in these organizations is lagging.

Software and hardware flaws

“Criminals focus where they can cause the most pain and disruption so the public will demand quick resolutions, and, they hope, ransom payments to restore services more quickly. This makes utilities prime targets for ransomware attacks. Because of the essential functions they provide, modern society demands they recover quickly and with minimal disruption,” said Chester Wisniewski, global field CTO at Sophos.

Wisniewski also addressed the fact that many attacks started with a vulnerability, arguing that critical infrastructure firms are exposing legacy technology to modern remote-access use without addressing the risks: “There’s a preponderance of older technologies configured to enable remote management without modern security controls like encryption and multifactor authentication,” he said. “Like hospitals and schools, these utilities are frequently operating with minimal staffing and without the IT staffing required to stay on top of patching, the latest security vulnerabilities and the monitoring required for early detection and response.”

Besides growing recovery costs, the median ransom payment for organizations in the energy and water sectors also jumped to more than $2.5 million in 2024, $500,000 higher than the global cross-sector median, Sophos said.

The energy and water sectors reported the second highest rate of ransomware attacks, with two-thirds (67%) of organizations in these sectors reporting being hit in 2024; the global cross-sector average is 59%.


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.