- Stop plugging these 7 devices into extension cords - even if they sound like a good idea
- I changed these 6 Samsung TV settings to give the picture quality an instant boost
- I tested a 9,000,000mAh battery pack from eBay that cost $10 - here's my verdict
- The 3 most Windows-like Linux distros to try because change is hard
- This 'unlimited battery' GPS tracker is an integral part of my hikes - and it's on sale
53% of survey respondents admit to paying over $500,000 ransom
Cyber-physical systems (CPS) security was analyzed in a recent report by Claroty. The findings revealed a significant financial impact, with over a quarter (27%) of organizations reporting a financial impact of $1 million or more from cyberattacks affecting CPS. Several factors contributed to these losses, the most common being lost revenue (selected by 39% of respondents), recovery costs (35%) and employee overtime (33%).
Ransomware continues to play a big role in recovery costs, as over half of respondents (53%) met ransom demands of more than $500,000 USD to recover access to encrypted systems and files in order to resume operations. This problem is particularly severe in the healthcare sector – 78% reported ransom payments over $500,000 – as ransomware and extortion-based attacks on hospitals and clinical environments continue to run seemingly unabated.
Closely tied to the financial losses are the operational impacts, with one-third (33%) reporting a full day or more of operational downtime that impacted their ability to produce goods or services. About half (49%) said the recovery process took a week or more and nearly a third (29%) said recovery took over a month. This is particularly notable given that CPS environments such as manufacturing plants place a premium on availability and uptime of critical systems – even at the expense of timely security and feature updates.
When considering the root cause of these cyberattacks, third-party and remote access exposures persist across organizations. Eighty-two percent of respondents said at least one cyberattack — and nearly half (45%) said five or more attacks — in the past 12 months originated from third-party supplier access to the CPS environment. And yet, almost two-thirds (63%) admit to having either partial or no understanding of third-party connectivity to the CPS environment.