The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Report Provides Insights into the Financial Impact of Cyberattacks

A new report from the cyber-physical systems (CPS) protection company, Claroty, provides insights into the financial impact of cyberattacks and reveals one in four CPS-enabled organizations lost more than $1 million due to cyberattacks in the past 12 months. For the report, Claroty conducted a survey of 1,110 cybersecurity professionals who had responsibilities for CPS, including operational technology (OT), Internet of Things (IoT), connected medical devices (IoMT), and building management systems (BMS).

45% of surveyed cybersecurity professionals said they suffered losses of $500,000 or more in the past 12 months due to cyberattacks, with 27% suffering losses of $1 million or more. Many costs have to be covered following a cyberattack. Aside from the ransom payment, the main factors that contributed to the losses were loss of revenue, reported by 39% of organizations, followed by recovery costs (35%), employee overtime (33%), legal costs (31%), and the loss of customers/partners (30%). Almost half of organizations (49%) that suffered a cyberattack said it resulted in operational downtime of a week or more, with 29% reporting that the recovery took more than a month.

Many cyberattacks involve a ransom demand, either to decrypt data, prevent stolen data from being leaked/sold, or both. It may be possible to reduce losses by paying the ransom, although there is no guarantee that the attacker will provide valid keys to decrypt data, there may be further extortion attempts before the decryption keys are provided, data is often corrupted and unrecoverable, and the stolen data may not be deleted even if a ransom is paid. Only 13% of organizations said they did not pay any ransoms in the past 12 months.

More than half of the respondents (53%) paid a ransom of $500,000 or more to recover access to their encrypted systems and to restore business operations more quickly, with healthcare organizations more likely to pay a ransom. 78% of surveyed healthcare organizations said they paid a ransom of $500,000 or more to recover their data and/or to prevent the publication of the stolen data, with 39% paying more than $1 million. With such a high percentage of healthcare organizations paying the ransom, it is no surprise that the industry is so heavily targeted by ransomware groups.

Among the biggest risks were third-party and remote access to CPS environments. More than two-fifths of respondents said they had at least half of their CPS assets connected to the Internet. 82% of respondents said at least one cyberattack in the past 12 months abused these connections, with more than two-fifths (45%) of respondents saying they experienced five or more attacks in the past 12 months via third-party and remote access. Despite these risks, almost two-thirds (63%) of organizations said they had partial or no understanding of third-party connectivity to their CPS environment.

While attacks on vendors have impacts on downstream clients, vendors are often impacted by cyberattacks on their clients. 40% of respondents said between one and five attacks had upstream effects, with 19% of respondents saying more than 10 attacks had an upstream effect on their vendors. Following an attack on a third party, 26% established new security protocols, 25% renegotiated terms or pricing, and only 15% ended their relationship with the vendor.

Efforts are being put into improving cybersecurity, with 56% of respondents saying they are more confident that their organization can withstand cyber incidents than they were 12 months ago, and 72% saying they expect to see quantifiable improvements in the next 12 months. “The impacts from cyber attacks on asset-intensive organizations can be detrimental to operations, and, in reality, often require the level of loss like we saw in our study to make the necessary cybersecurity investments,” said Grant Geyer, Chief Strategy Officer at Claroty. “To evolve from this reactionary process to a proactive one that will decrease losses, we also found that organizations are shifting their thinking—they are starting to consider it core to delivering on an organization’s mission.”

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
