A recent report from Claroty, a company specializing in cyber-physical systems (CPS) protection, reveals the financial toll of cyberattacks on organizations using CPS. The report discloses that one CPS-enabled company experienced losses exceeding $1 million in the past year because of cyberattacks. Claroty’s findings are based on a survey of 1,110 cybersecurity experts responsible for CPS, operational technology (OT), building management systems (BMS), Internet of Things (IoT), and Internet of Medical Things (IoMT).
Almost half (45%) of those surveyed reported financial losses of $500,000 or more, with 27% of respondents suffering losses that topped $1 million. These costs come from a variety of sources besides ransom payments. For example, 39% of organizations reported revenue loss, 35% faced recovery costs, 33% incurred employee overtime expenses, 31% paid legal fees, and 30% experienced customer or partner losses. In addition, about half (49%) of the organizations hit by cyberattacks said they experienced operational downtime lasting a week or more, and 29% of respondents indicated that it took a month to recover.
Ransomware is a frequent element of cyberattacks, with demands often made to decrypt stolen data or stop its public exposure. Paying a ransom might seem like a way to reduce losses, but it is risky. There is no guarantee that the attacker will provide valid decryption keys. Even if they do, the data may be damaged or unrecoverable. Attackers may also keep stolen data even after receiving payment. Only 13% of companies in the past year avoided paying the ransom demand.
Over half (53%) of respondents reported paying ransoms of at least $500,000 to regain access to the encrypted systems and get back in business quickly. Healthcare organizations were more vulnerable, with 78% paying $500,000 ransoms and 39% paying over $1 million. The healthcare sector's high payout rate makes it a prime target for ransomware groups.
The report noted that third-party and remote access to CPS environments poses a major risk. More than 40% of respondents revealed that about 50% of their CPS assets were linked to the internet, with 82% having experienced cyberattacks exploiting those connections. In addition, 45% of respondents said they had suffered at least five attacks in the past year due to third-party or remote access. Sadly, 63% of the respondents admitted that they lack an understanding of the extent of third-party connectivity to their systems.
Third-party cyberattacks have a ripple effect on both upstream and downstream organizations. According to the report, 40% of participants said one to five attacks affected their vendors, and 19% said over 10 attacks had upstream effects. Because of these incidents, 26% of organizations implemented new safety practices, 25% revisited policies or pricing with vendors, and 15% concluded partnerships with third parties.
Organizations are working to enhance their cybersecurity measures. Over half (56%) of respondents feel more confident in their organization's ability to handle cyber incidents than they did one year ago, and 72% anticipate measurable changes in their cybersecurity posture in the coming year. Claroty's Chief Strategy Officer, Grant Geyer, emphasized the importance of proactive investment in cybersecurity, stating that the effects of cyberattacks on asset-intensive companies can damage operations. Often, organizations only invest in cybersecurity after suffering financial losses. Now, there is a shift in mindset as companies look at cybersecurity as important to achieving their company's goals, rather than as a reactive measure. Given the risks of cyberattacks, healthcare organizations would be more likely to take HIPAA compliance seriously.