The British cybersecurity firm Sophos has recently published a study on ransomware attacks against critical infrastructures (KRITIS), based on a survey of 275 executives in the key sectors of water, energy, oil, and gas. According to the study, by 2024, 67 percent of companies in these sensitive areas had already been subjected to ransomware attacks, compared to 59 percent globally.

The ransom payments made – which is, after all, the purpose of ransomware – have risen to a median of 2.3 million Euro, approximately 460,000 Euro higher than the average in the KRITIS environment. Restoration costs have quadrupled to 2.8 million Euro, making them four times higher than the global average. And despite paying ransoms, restoration took longer than expected for 61 percent of companies.

No immediate data access despite ransom payments

55 percent of affected companies needed more than a month to restore their systems, while in other sectors this figure is “only” 35 percent. Additionally, the examined areas reported 79 percent more compromised backups than in other KRITIS (Critical Infrastructure) sectors.

“Cybercriminals focus on industrial sectors where they can cause the most pain and disruption. At the same time, the public, especially in the KRITIS environment, demands quick solutions to restore services – if necessary, even by paying ransoms. This makes utility companies preferred targets for ransomware attacks,” quotes the specialist magazine IT-Sicherheit Chester Wisniewski, Global Field CTO of Sophos.

He further stated: “Unfortunately, utility companies are vulnerable to attacks in many ways, including due to high availability requirements and a mindset focused on physical security. Additionally, there are sometimes older technologies lacking modern security measures and a general shortage of IT security personnel.”

Managed Services Offer Better Protection

Managed services, as offered by Axians as a “Leader” in the ISG Provider Lens according to ChannelPartner, are generally more secure than on-premises solutions, especially since they usually include redundant backup data protection distributed across multiple data centers. With this approach, Axians optimally protects critical infrastructure (KRITIS) companies from ransomware attacks, as indicated in the ISG market overview. Soon, Axians will also receive support from the Fernao Group. The parent company of Axians, VINCI Energies, signed an agreement in August 2024 to acquire the Cologne-based cloud and IT security specialist.

“With the Fernao Group, we gain additional expertise and a significant boost in cybersecurity capabilities, particularly for our Axians ICT brand network in Germany and Switzerland,” said Dr. Reinhard Schlemmer, member of the executive board of VINCI Energies, at the signing of the agreement for the company takeover.

Learn how Axians helps companies establish a secure digital transformation here. The first step is always an assessment of the respective maturity level in the field of cybersecurity. From this, the needs and levers emerge that B2B customers can adjust together with Axians to ensure optimal IT and, if necessary, OT security. To connect and strengthen IT and OT security, VINCI Energies, together with Axians for the ICT sector and Actemium (industrial technology), opened its own IT & OT Security Operations Center (SOC) in Basel in 2022.

This hub in Basel also serves as a coordination center for hundreds of cybersecurity experts across Europe and globally. However, it is also crucial, especially in the KRITIS sector, to adhere to new EU directives such as NIS2 and CER. VINCI Energies, Axians, and Actemium provide corresponding consulting and support.

Image source: Adobe Stock / Melhak