Attacks on UK's critical national infrastructure have surged since Ukraine war

Cyberattacks on critical infrastructure can have serious knock-on effects - disrupting phone signals, transport and energy

Image:
Cyberattacks on critical infrastructure can have serious knock-on effects - disrupting phone signals, transport and energy

Attacks against infrastructure firms have spiked since Russia invaded Ukraine in March

More than 70% of the UK's critical national infrastructure (CNI) firms have seen an increase in cyberattacks since the Russian invasion of Ukraine, according to a report by cybersecurity services firm Bridewell Consulting.

The UK-based organisation polled 521 cybersecurity decision-makers from CNI sectors including finance, communications, government, utilities, aviation and transportation, to better understand their worries and exposure to cyber threats.

The study found that 72% of respondents were concerned about a rise in cyberattacks targeting UK CNI, putting infrastructure and society at risk.

Seventy-eight per cent of those surveyed said they were worried about intrusion attempts targeting CNI, likely due to a spike in attacks following Ukraine war.

One in ten people believe their team would be unable to handle such an attack, and approximately a quarter believe their systems are vulnerable to cyberattacks.

The transport and aviation sector is the most worried about cyber warfare, with 93% of respondents concerned about the threat. Since the start of the Ukraine conflict, more than eight in ten respondents in this sector have reported an increase in cyberattacks, and 69% are concerned that their systems are vulnerable to attack.

Martin Riley, director of managed security services at Bridewell, said CNI operators must work together more effectively to defend the societies they serve.

"Great progress has been made across the industry since the introduction of the NIS regulations, but it's now imperative that organisations include threat intelligence in their cyber security strategies to strengthen resilience," Riley said.

"Developing a culture of information-sharing among peers and supply chains is key to protecting our infrastructure and citizens," he added.

CNI attacks are nothing new, but have the potential to seriously disrupt society.

On the 7th May last year, a ransomware attack against Colonial Pipeline caused fuel shortages up and down the US East Coast. The firm, which delivers gasoline and jet fuel throughout the region, had to pay more than $4 million to the perpetrators.

This attack came after the high-profile SolarWinds breach, which impacted hundreds of firms worldwide, including US government institutions. The attack is thought to have been state-sponsored rather than motivated by a desire to generate money.

In February, IBM's annual X Force Threat Intelligence Index report revealed that the UK, Germany and Italy suffered the most cyberattacks in Europe in 2021, with the almost a quarter of the total targeting the UK's energy sector.