Response time amongst UK critical national infrastructure to ransomware attacks sits at between 6 and 14 hours, with energy companies taking the longest time to respond.

This is according to research conducted by Bridewell, which found that 57% of the 520 organisations considered critical to national infrastructure in the UK had been impacted by such attacks in the past year.

Responding to phishing attacks can take anywhere from 5 hours to 11, with financial services companies taking the most time to respond.

Nation-state attacks also remain a key concern, as Russian, Chinese, Iranian and North Korean-affiliated threat actors escalate efforts, and with companies in the road transport sector taking on average almost 20 hours to respond, with the energy and aviation sectors not far behind, taking around 19 and 18 hours respectively.

“Our research shows ransomware, phishing and malware remain highly potent, but are only part of the wide range of threats confronting the UK’s critical national infrastructure organisations,” said Anthony Young, chief executive officer at Bridewell.

“Organisations must invest to fortify their defences against mutating threats. Yet they need to be sure they combine innovative technology with human expertise and tested methodologies so they can remain at the cutting-edge without compromising business as usual.”

Central government organisations have been most significantly affected by ransomware attacks over the past 12 months, with more 63% reporting an attack, closely followed by civil aviation (61%) and energy (60%).

---