Cyberattacks against UK CNI increase amidst Russia-Ukraine war

72 percent of UK critical infrastructure firms report increase in cyberattacks

Posted 11 May 2022 by Christine Horton

The systems that underpin the UK’s critical national infrastructure (CNI) are under increasing cyber threat. More than seven out of 10 (72 percent) cybersecurity decision makers at UK CNI organisations reported a rise in cyberattacks since the start of the Ukraine war, according to new research by UK cybersecurity services firm Bridewell.

The research, which surveyed 521 cybersecurity decision makers in the communications, utilities, finance, government and transport and aviation sectors, reveals a high degree of concern about cyber warfare among operators of UK critical infrastructure. More than three quarters (78 percent) are worried about the threat of cyber warfare against the UK’s critical national infrastructure with a quarter concerned that their systems are vulnerable.

This raises concerns over the safety of the UK’s critical infrastructure with one in ten also fearing their team wouldn’t be able to cope with a cyber warfare attack.

Concern over cyber warfare is significantly higher in the transport and aviation sector with 93 percent worried about the threat of cyber warfare. More than eight in 10 (86 percent) report increased cyberattacks since the start of the Ukraine war and 69 percent worry their systems are vulnerable to attack.

“As attacks rise in sophistication and volume, operators of critical national infrastructure must collaborate more effectively and share intelligence needed to protect infrastructure and society,” said Martin Riley, director of managed security services at Bridewell.

“Great progress has been made across the industry since the introduction of the NIS Regulations but it’s now imperative that organisations include threat intelligence in their cybersecurity strategies to strengthen resilience. Developing a culture of information-sharing among peers and supply chains is key to protecting our infrastructure and citizens.”

Sense of urgency

The findings follow a recent report from Microsoft which identified 237 attacks against from six Russian-affiliated groups. With IT teams under pressure to improve maturity, escalating geopolitical tensions have given a renewed sense of urgency to the need to strengthen cyber defences against nation-state attacks. Currently, only one in five say that they have implemented threat hunting and cyber intelligence, just half admit to receiving information about attacks through the disclosure of intelligence, and less than half say they share their threat intelligence with peers.