Almost half (47%) of businesses in the energy sector have lost revenue to downtime caused by a ransomware attack in the past 12 months.
This is according to our latest CNI research, which surveyed 521 staff responsible for cyber security at UK critical national infrastructure (CNI) organisations, encompassing civil aviation, energy, transport, finance and central government.
The Dual Attack Threat
Ransomware attacks have significant implications for the energy industry, with 45% of respondents admitting they have suffered disruption to their operations as a result of an attack. Downtime not only raises the risk of disrupting critical electricity and gas operations, but can even threaten livelihoods in the process.
In addition to the growing ransomware threat, phishing attacks are also widespread, averaging 14 incidents per year. The dual threat is putting immense pressure on the industry to enhance its cyber defences and response strategies.
Delayed Response
Despite these significant consequences, the sector is struggling to react quickly to cyber incidents and mitigate the damage they cause. While phishing attacks are dealt with in an average timeframe of 8.99 hours, ransomware responses take 14.84 hours and nation-state attacks take as much as 18.77 hours on average to respond to. These are particularly dangerous threats for the sector due to the societal and economic damage that downtime can inflict.
Future-proofing Energy
Despite these concerns, energy organisations are actively enhancing their cyber security measures. Almost every energy organisation (94%) is now leveraging AI-driven tools, including AI-enhanced data loss prevention and endpoint protection. In another promising development, energy organisations expect to spend more on IT security than last year. Half (51%) say that their outlay will increase on 2023’s figure.
“The energy sector’s role in global economies and society as a whole makes it a particularly vulnerable industry. But ransomware and phishing attacks are having a detrimental impact, and lengthy response times are only adding to the damage caused. With nation-state attacks also posing a significant threat, the sector must fortify its cyber defences with incident response and reporting, defined risk management practices, regular audits and training programmes to futureproof its operations. It’s promising that the sector is already adopting AI-driven solutions and planning to invest more in cyber security in order to protect itself.”