In 2021, 80% of critical infrastructure organizations reported a ransomware attack.
60% of the affected organizations paid the ransom (76% from the U.S.). In more than half of the cases, the ransom exceeds $500,000.
Although 28% experienced a “substantial impact to operations” despite the payment of the ransom, the consequences of non-payment of a ransom sum are devastating and many organizations will choose to pay to avoid such.
One of these consequences is the loss of hourly earnings, which are greater than the ransom demanded.
The report by cyber-physical security firm Claroty sheds light on the ongoing war between cybercriminals and organizations, showing that the war is somehow tilting in favor of cybercriminals.
Operating technology (OT) networks and hardware make a significant contribution to a cyber attack. COVID-19 fast-tracked digital transformation, which led to improved connectivity between IT and OT networks. Since OT networks and the hardware that lives on them are not always designed to connect to the internet, systems are exposed to direct attacks.
“Changes to OT/ICS environments also introduce risk by creating additional vectors for attackers. Results have played out in the headlines and spurred renewed warnings by the government on the risk of connecting industrial networks to IT networks and the need for a heightened state of awareness and controls,” Claroty’s report explained.
For more information, read the original story in TechRepublic.