Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November 2023 to October 2024.
Analyzing data from its GreyMatter platform and dark web activity, ReliaQuest found that utilities like water and energy systems are disproportionately affected. Their critical role in infrastructure makes them prime targets for cybercriminals.
Spear phishing emerged as a significant threat, accounting for 81% of alerts in the utilities sector. Within these cases, 31.5% involved spearphishing links, 27.9% internal spearphishing, and 21.5% malicious attachments. "Employees in the sector frequently receive emails from numerous different senders, which may lead to reduced vigilance when interacting with unfamiliar messages, particularly those that appear to come from trusted sources," ReliaQuest stated.
Additionally, the prevalence of internal spear phishing highlights the risks posed by contractors and third-party vendors closely integrated into utilities' operations.
Ransomware attacks have also risen dramatically, with 75 utilities being listed on ransomware leak sites during the study period—a 42% increase compared to the previous year. The Play ransomware group alone reported 10 utilities victims, up from just three the year before, marking a staggering 233% jump.
Among ransomware groups, LockBit was the top threat, followed by Play, ALPHV/BlackCat (now defunct), Akira, and 8base. Utilities faced a disproportionately higher number of attacks from these groups compared to other industries.
ReliaQuest attributed this rise to factors like the growing adoption of industrial IoT systems, which often lack regular updates, leaving vulnerabilities open for exploitation. The broader increase in ransomware-as-a-service (RaaS) operations also contributes to the trend.
To combat these threats, ReliaQuest advises utilities to enhance defenses by implementing automated incident response systems and boosting employee security awareness about phishing schemes. Advanced email security systems, capable of detecting and disrupting phishing attempts, can further shield organizations from these pervasive social engineering attacks.
By taking proactive measures, utilities can mitigate the escalating risks to their operational technology (OT) and IT environments, safeguarding critical infrastructure against rising cyber threats. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
ReliaQuest has the story.
Here's what you'll get:
