53% of survey respondents admit to paying over $500,000 ransom

Cyber-physical systems (CPS) security was analyzed in a recent report by Claroty. The findings revealed a significant financial impact, with over a quarter (27%) of organizations reporting a financial impact of $1 million or more from cyberattacks affecting CPS. Several factors contributed to these losses, the most common being lost revenue (selected by 39% of respondents), recovery costs (35%) and employee overtime (33%).

Ransomware continues to play a big role in recovery costs, as over half of respondents (53%) met ransom demands of more than $500,000 USD to recover access to encrypted systems and files in order to resume operations. This problem is particularly severe in the healthcare sector – 78% reported ransom payments over $500,000 – as ransomware and extortion-based attacks on hospitals and clinical environments continue to run seemingly unabated.

Closely tied to the financial losses are the operational impacts, with one-third (33%) reporting a full day or more of operational downtime that impacted their ability to produce goods or services. About half (49%) said the recovery process took a week or more and nearly a third (29%) said recovery took over a month. This is particularly notable given that CPS environments such as manufacturing plants place a premium on availability and uptime of critical systems – even at the expense of timely security and feature updates.

When considering the root cause of these cyberattacks, third-party and remote access exposures persist across organizations. Eighty-two percent of respondents said at least one cyberattack — and nearly half (45%) said five or more attacks — in the past 12 months originated from third-party supplier access to the CPS environment. And yet, almost two-thirds (63%) admit to having either partial or no understanding of third-party connectivity to the CPS environment.

Download the report