Trustwave SpiderLabs is continuing its multi-year research effort delving into the unique cybersecurity challenges that face different vertical sectors with a new report launching on January 22.
This effort analyzes the energy and utilities sector, industries which are increasingly targeted due to their critical role in supporting national and global infrastructures.
Ransomware takes center stage in these reports, with Trustwave SpiderLabs reporting an 80% year-over-year surge in such attacks. Energy firms face steeper financial losses than other sectors, averaging $5.29 million per data breach compared to $4.8 million. However, these monetary losses are overshadowed by the far-reaching impact of disrupted fuel and power supplies.
The primary report will be joined by two specialized supporting pieces of research, focusing on these critical areas of concern:
While the reports aren’t live yet, you can register now for the webinar series that will go into much further detail on the threats facing energy and utilities providers.
These supplemental reports provide detailed profiles of the most active and dangerous ransomware groups, as well as ransomware trends within the sector. The content is designed to offer organizations operating in this sector actionable intelligence and mitigation methods to best defend themselves.
The information provided in the reports is important given the sector's critical role in society, noting that cyberattacks can trigger widespread consequences, including power outages, supply chain disruptions, and threats to national security. To safeguard reliability and resilience, energy and utility providers must prioritize robust cybersecurity measures.
The Trustwave SpiderLabs team highlights significant trends shaping the industry, including the rise of ransomware, the convergence of operational technology (OT) and information technology (IT), and evolving regulatory pressures. The report also addresses the growing sophistication of threat actors and provides a comprehensive overview of the tactics, techniques, and procedures (TTPs) they employ, categorized by attack stage. This intelligence empowers energy sector organizations to better prepare, detect, and mitigate potential attacks.
The threat actor’s increased capabilities are reflected by the North American Electric Reliability Corporation (NERC) that the US power grids become more vulnerable to cyberattack each day as “the number of susceptible points in electrical networks is increasing by about 60 per day.”
The 2025 Trustwave Risk Radar Report: Energy and Utilites Sector is the latest in a series researched and published by Trustwave SpiderLabs starting in 2023. Please visit these for our most recent research primary and complementary reports:
To dive into earlier Trustwave SpiderLabs vertical sector research, click here.