The State of Ransomware in Critical Infrastructure 2024

Sophos’ annual study of the real-world ransomware experiences of organizations around the globe explores the full victim journey, from root cause to severity of attack, financial impact, and recovery time. This report focuses on the ransomware experiences of the energy, oil/gas and utilities sector, a core element of the critical infrastructure supporting businesses around the globe.

The report combines fresh new insights, including an exploration of the role of law enforcement in ransomware remediation, with year-on-year trends leveraging learnings from our previous studies. It reveals the realities facing energy, oil/gas and utilities providers today and how the impact of ransomware has evolved over the last five years.

A note on reporting dates

To enable easy comparison of data across our annual surveys, we name the report for the year in which the survey was conducted: in this case, 2024. We are mindful that respondents are sharing their experiences over the previous year, so many of the attacks referenced occurred in 2023.

About the survey

The report is based on the findings of an independent, vendor-agnostic survey commissioned by Sophos of 5,000 IT/cybersecurity leaders across 14 countries in the Americas, EMEA, and Asia Pacific. This included 275 respondents from the energy, oil/gas and utilities organizations. All respondents represent organizations with between 100 and 5,000 employees. The survey was conducted by research specialist Vanson Bourne between January and February 2024, and participants were asked to respond based on their experiences over the previous year.