Six-in-ten (62%) critical infrastructure organizations across the federal government, civil aviation, energy, transportation (rail and road combined) and finance sectors have experienced a ransomware attack in the past 12 months, with data theft and loss among the most serious consequences.
This is according to the latest research by Bridewell, which has surveyed 519 employees responsible for cyber security at U.S. critical infrastructure organizations.
The dual attack threat
Ransomware attacks have significant implications for critical infrastructure sectors. In aviation, downtime from an attack could cause major disruption to flights, while in financial services, failure to act could leave organizations falling foul of strict compliance rules.
Financial services organizations including banks, investment banks, credit unions and payment services companies were most significantly affected by ransomware attacks over the past 12 months, with more than three-quarters (78%) reporting an attack, closely followed by rail organizations (76%) and energy (60%).
In addition to the growing ransomware threat, phishing and malware attacks are also widespread. On average, the five sectors faced 14 phishing attacks over the last year, along with 11 malware attacks.
Across all types of attack surveyed, the financial sector reports the highest number of incidents. For example, financial sector respondents reported an average of 28 incidents in which unpatched vulnerabilities were exploited, along with an average of 28 terrorist threats, 27 incidents of unauthorized device use, and 23 malware attacks.
Delayed response
Given these significant consequences, industries are struggling to react quickly to cyber incidents and mitigate the damage they cause.
The research revealed that responses to phishing attacks can take anything from the 7.3 hours among federal government organizations to 15.94 hours among financial services entities. Federal government organizations also have faster responses to terrorist threats (8.2 hours) than the other four sectors. In financial services, by contrast, responding to terrorism threats takes 14.89 hours, while in the civil aviation sector it takes 11.34 hours.
Future-proofing critical infrastructure
In light of these concerns, organizations are actively enhancing their cybersecurity measures. Across each of the five sectors, almost all organizations (94%) are now at least one AI-driven tool, including AI-enhanced endpoint protection, automated incident response solutions, and network behavior analysis. On average, 65% of organizations from across the five sectors plan to increase their IT security spend compared to last year.
“Our research shows ransomware, phishing and malware remain highly potent, but are only part of the wide range of threats confronting U.S critical infrastructure organizations,” said Chase Richardson, Vice President of Consulting at Bridewell.
“Organizations must invest to fortify their defenses against threats which are constantly mutating and increasingly involve AI. Yet they need to be sure they combine innovative technology with human expertise and tested methodologies so they can remain at the cutting-edge without compromising business as usual. Investment is vital to ensure the best possible protection for organizations critical to the US and its economy.” To read the full report go to: Cybersecurity in Critical Infrastructure Organizations: 2024 (bridewell.com)