Download PDF version Contact company

Over three in ten US-based critical infrastructure organisations (36%) that have fallen victim to a ransomware attack have risked legal repercussions by paying a ransom.

The findings are in new research by pioneering cybersecurity services firm Bridewell, surveying 519 staff responsible for cybersecurity at US critical infrastructure organisations in sectors such as civil aviation, telecommunications, energy, transport, media, financial services and water supply.

Infringing UK and US laws

66% of organisations surveyed have experienced at least one ransomware attack over the previous 12 months. More than a third (38%) suffered up to five ransomware attacks, but a small percentage of organisations (32%) experienced more than a hundred attacks.

66% of organisations polled have shared at least one ransomware attack over the last 12 months

In certain situations, for example, when an organisation has no ability to recover from a successful attack, there may be no choice other than to pay the ransom. However, payment can risk infringing UK and US laws that prohibit dealings with sanctioned individuals or entities. At present, prosecutions are uncommon, however, the UK and US governments have floated the idea of implementing a payment ban.

Consequences of a ransomware attack

The research findings expose the multiple consequences of a ransomware attack on the US critical infrastructure. Over a third of respondents, for example, cited a psychological impact on employees (36%). Downtime (43%), data loss (43%) and reputational damage (41%) are all repercussions that respondents say their organisations have suffered, along with operational disruption (40%).

But, over a third of organisations (36%) are also facing increased insurance premiums, and 35% have also incurred financial losses from legal fees or fines. The average cost of a ransomware attack on US critical infrastructure organisations is now $509,942, the research reveals.

Challenge of response delays

Threats are on the rise through increasing professionalisation in the ransomware world

Impacts are exacerbated by the length of time it takes organisations to respond to ransomware attacks, with the average now being 16 hours. Without a proactive strategy to address this significant challenge of response delays, more organisations risk paying a ransom.

Over nine-in-ten (91%) US respondents in the research agree that attacks are more sophisticated, with ransomware-as-a-service (RaaS) deployed with greater knowledge and cunning. Threats are on the rise through increasing professionalisation in the ransomware world and the entry of organised crime groups from other areas of criminality.

Challenges faced by critical infrastructure

If you fall victim to a ransomware attack, paying the ransom should always be your last resort. Aside from the risk that cybercriminals may not restore access upon payment, there are also potential legal consequences to consider,” said Anthony Young, CEO at Bridewell. “That being said, there are certain situations where organisations have no choice other than to pay. If the organisation has no ability to recover, then paying the ransom may represent the only viable option to resume operations other than rebuilding their systems from scratch."

"However, this difficult choice is avoidable by having a security strategy to reduce the risk of threat actors gaining access and transversing through your systems without discovery and effective removal. Building a relationship with a trusted security partner who understands your environment and the complex challenges faced by critical infrastructure can help you mitigate this risk by having the right expertise, resources, and support if the worst was to happen.”

Download PDF version Download PDF version

In case you missed it

Enhancing collaboration in physical security operations
Enhancing collaboration in physical security operations

In the past, security and IT teams operated independently, but today collaboration is critical. Modern security systems rely on various devices and systems that are linked to inter...

How can the industry do a better job of promoting emerging technologies in physical security environments?
How can the industry do a better job of promoting emerging technologies in physical security environments?

By all accounts, technology development is moving at a rapid pace in today's markets, including the physical security industry. However, market uptake of the newest technologies ma...

Dahua & KITT Engineering's LED screen innovations
Dahua & KITT Engineering's LED screen innovations

About a year and a half ago, Peter de Jong introduced Dahua to Fred Koks, General Manager of KITT Engineering. Since then, Dahua, KITT Engineering, and Ocean Outdoor have complete...

Quick poll
What is the most significant challenge facing smart building security today?