{"id":4508,"date":"2024-07-17T14:58:15","date_gmt":"2024-07-17T19:58:15","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=81034"},"modified":"2024-07-17T14:58:15","modified_gmt":"2024-07-17T19:58:15","slug":"ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/07\/17\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds\/","title":{"rendered":"Ransomware attacks are hitting energy, oil and gas sectors especially hard, report finds"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v21.7 (Yoast SEO v21.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ --> <title>Ransomware attacks are hitting energy, oil and gas sectors especially hard, report finds | CyberScoop<\/title> <meta name=\"description\" content=\"Sophos survey finds that utilities appear willing to pay ransom demands.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/ransomware-energy-oil-gas-report\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Ransomware attacks are hitting energy, oil and gas sectors especially hard, report finds\"> <meta property=\"og:description\" content=\"Sophos survey finds that utilities appear willing to pay ransom demands.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/ransomware-energy-oil-gas-report\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-07-17T19:58:15+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1278\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1721147539g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1719935282g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1721183474g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=ada0ad45b21fc79c6694\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/81034\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.6\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=81034\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fransomware-energy-oil-gas-report%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fransomware-energy-oil-gas-report%2F&amp;format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-81034 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/ransomware-energy-oil-gas-report\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"23.5625\">\n<div class=\"single-article__header-content\" readability=\"28.235294117647\">\n<p> Sophos survey finds that utilities appear willing to pay ransom demands. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds.jpg?resize=640%2C426&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=768,511 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=1024,682 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=1536,1022 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=600,399 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=1014,675 1014w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-2.jpg?resize=1266,843 1266w\" sizes=\"(max-width: 1014px) 100vw, 1014px\"><figcaption> Blue pipes going to an oil refinery. (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"34.855769230769\"><body readability=\"71.344300822562\"><\/p>\n<p>Ransomware attacks are hitting energy and oil and gas sectors harder, costing utilities more in recovery time and funding as victims appear increasingly willing to pay ransom demands, according to a new report from the cybersecurity firm Sophos.<\/p>\n<p>The <a href=\"https:\/\/assets.sophos.com\/X24WTUEQ\/at\/75tnw38cqsnrrv56wpwc78k\/sophos-state-of-ransomware-critical-infrastructure-2024.pdf\">report<\/a> looks at ransomware impacts to critical infrastructure organizations and is based on more than 200 responses from a wider survey of 5,000 cybersecurity and IT leaders taken in January and February. Sophos said that the ransomware attack rate appears to be falling globally, but researchers found that recovery times for energy, oil and natural gas, and utilities have been steadily increasing since at least 2022.<\/p>\n<p>\u201cThis slowdown may reflect the increased complexity and severity of attacks, necessitating greater recovery work. It may also indicate a growing lack of recovery preparation,\u201d the report notes.<\/p>\n<p>The report found that more than half of energy, oil and gas and utilities ransomware victims took more than a month to recover, up from 19% in 2022.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The Biden administration has spent the past few months <a href=\"https:\/\/cyberscoop.com\/china-critical-infrastructure-volt-typhoon\/\">warning<\/a> about Chinese-backed infiltrations into sensitive civilian and military critical infrastructure. Security officials have pointed out that those \u201cVolt Typhoon\u201d hackers may try to disrupt critical infrastructure servicing civilians in an effort to change public opinion amid increasing tensions around Taiwan.&nbsp;<\/p>\n<p>Experts have warned that cyberattacks on IT infrastructure \u2014 like bill payment systems \u2014 can have an impact on operations and provided services, meaning that even if an attack only affects the IT side of the business, critical services like energy generation and transmission can be impacted.<\/p>\n<p>\u201cThere\u2019s a preponderance of older technologies configured to enable remote management without modern security controls like encryption and multifactor authentication,\u201d Chester Wisniewski, global field chief technology officer at Sophos, said in a press release. \u201cLike hospitals and schools these utilities are frequently operating with minimal staffing and without the IT staffing required to stay on top of patching, the latest security vulnerabilities and the monitoring required for early detection and response.\u201d<\/p>\n<p>According to Sophos, nearly half of successful attacks occurred because of an unpatched or unmitigated vulnerability, while just over a quarter were due to compromised credentials, per the report. Researchers also noted that energy, oil and gas, and utilities make up the sector \u201cmost likely to fall victim to the exploitation of unpatched vulnerabilities.\u201d<\/p>\n<p>Additionally, that same group is more likely to pay a ransom demand to retrieve encrypted data than to use backups to recover.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThis is the first time that energy, oil\/gas, and utilities organizations have reported a higher propensity to pay the ransom than use backups,\u201d the report noted.<\/p>\n<p>While the survey does highlight how ransomware is still one of the most disruptive to critical infrastructure operations, the general lack of understanding in the wider threat landscape due to lax reporting laws means that the true cost of ransomware could be much higher. The Cybersecurity and Infrastructure Security Agency is going through a <a href=\"https:\/\/cyberscoop.com\/cisa-cyber-reporting-circia-2024\/\">rulemaking process<\/a> requiring many critical infrastructure organizations to report substantial cyber incidents, with the final rule expected early next year.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.4808259587021\">\n<div class=\"author-card\" readability=\"9\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/ransomware-attacks-are-hitting-energy-oil-and-gas-sectors-especially-hard-report-finds-1.jpg?w=640&#038;ssl=1\" alt=\"Christian Vasquez\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Christian Vasquez<\/h4>\n<p> Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&amp;E News at POLITICO covering cybersecurity in the energy sector. Reach out:&nbsp; christian.vasquez at cyberscoop dot com <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- .popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/ransomware-energy-oil-gas-report\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ransomware attacks are hitting energy, oil and gas sectors especially<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[413,452,46,288],"tags":[415,454,54,294],"class_list":["post-4508","post","type-post","status-publish","format-standard","hentry","category-critical-infrastructure","category-cybersecurity-and-infrastructure-security-agency-cisa","category-ransomware","category-threats","tag-critical-infrastructure","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-ransomware","tag-threats"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/critical-infrastructure\/\" rel=\"category tag\">critical infrastructure<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ransomware\/\" rel=\"category tag\">ransomware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a>","tag_info":"Threats","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4508","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4508"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4508\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4508"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4508"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4508"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}