Report by Semperis

The State of Critical Infrastructure Resilience

6 FINDINGSPublished Apr 3, 2025
View Original Report →

Key Findings

62% of utility operators were targeted by cyberattacks in the past year.

SemperisThe State of Critical Infrastructure Resilience·1y ago
UtilityCyber attack

38% of utility operators believed they had not been targeted by cyberattacks.

SemperisThe State of Critical Infrastructure Resilience·1y ago
UtilityCyber attack

54% of utility operators who were targeted by cyberattacks suffered permanent corruption or destruction of data and systems.

SemperisThe State of Critical Infrastructure Resilience·1y ago
UtilityCyber attackData destructionSystem destructionCyber attack consequences

Nearly 60% of attacks against utility operators were carried out by nation-state groups

SemperisThe State of Critical Infrastructure Resilience·1y ago
UtilityCyber attackNation state

81% of cyberattacks on utilities compromise identity systems such as Active Directory, Entra ID, and Okta.

SemperisThe State of Critical Infrastructure Resilience·1y ago
UtilityIdentity systemsActive DirectoryEntra IDOkta

Of those utility operators targeted by cyberattacks in the past year, 80% were attacked multiple times.

SemperisThe State of Critical Infrastructure Resilience·1y ago
UtilityCyber attack