Ransomware, Critical Infrastructure Security

Critical infrastructure ransomware payments, recovery costs spike

Cyber basics

Organizations in the critical national infrastructure sectors had mean and median ransomware payments reach $3.225 million and $2.54 million this year, respectively, representing a sixfold and 41-fold increase over the past year, with the highest payments recorded among lower education and federal government entities, The Register reports.

On the other hand, median ransomware recovery costs per incident reached $3 million, which is a fourfold increase from last year, with the greatest gains observed among entities in the energy and water industries, which were the second most targeted sectors, according to a Sophos report. The report also showed that fewer organizations have been able to recover systems in a week or less due to increasingly complex attacks. "This once again shows that paying ransom payments almost always works against our best interests. An increasing number (61 percent) paid the ransom as part of their recovery, yet the amount of time it took to recover was extended. Not only do these high rates and amounts of ransoms encourage more attacks on the sector, but they are not achieving the claimed goal of shorter recovery times," said Sophos Global Field Chief Technology Officer Chester Wisniewski.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds