Ransomware attacks on the rise
42% of critical infrastructure organisations have suffered a data breach, with 93% observing an increase in attacks, says Thales UK.
THE MOST common threats encountered were malware, phishing and ransomware. Nearly a quarter (24%) reported to have fallen victim to a ransomware attack in the past year, with 11% paying the ransom.
The leading causes of cloud-based breaches include:
- Human error (34%)
- Exploiting a known vulnerability (31%)
- Failure to apply multifactor authentication (MFA) to privileged accounts (20%)
- Almost a third (30%) of CI organisations also experienced an insider threat incident.
There’s a strong correlation between compliance achievement and reduced breaches. Of those who failed a compliance audit in the last 12 months, 84% reported having experienced a breach in their history. For those that have not failed a compliance audit, only 17% have any breach history, with just 2% having a breach in the last 12 months.
Despite 93% reporting an increase in attacks, limited planning and compliance continues to plague CI organisations: ransomware attacks are up 4% since 2022 and only 15% have a formal ransomware plan in place.
Thales UK managing director – cyber security & trust Tony Burton, says: “By operating complex, highly diverse, and inter-dependent technologies, the range of risks on the table is diverse. CI organisations need to take proactive measures to build cyber resilience across their distributed operations, addressing human error, ransomware, compliance, and access management concerns.”
Read the report from Thales here
