State of Ransomware - Sophos
Sophos report on the state of ransomware in critical infrastructure in 2024 here
Only 31% of those surveyed were willing to go into detail. Knowing how difficult it is to get lessons learned or case studies out of orgs when things go wrong, the full picture will be worse.
➡️ Costs to recover increased
➡️ Sector is the second most targeted
➡️ Recovery times decreasing
Sophos Field CTO:
“This once again shows that paying ransom payments almost always works against our best interests. An increasing number (61 percent) paid the ransom as part of their recovery, yet the amount of time it took to recover was extended. Not only do these high rates and amounts of ransoms encourage more attacks on the sector, but they are not achieving the claimed goal of shorter recovery times.”
🙌 (Stating the obvious though)
CISA have said they do not foresee a ban on ransom payments. That’s the US. From a European perspective I think things may change. Three years? Leaders are not going to be able to ‘hide’ payments. There will be disclosure. There may be accountability. Especially with a focus on renewables and water companies for other reasons. Other sectors should also take note.
Probably good to start preparing/improving now.
Some decent extra context reporting here