The systems that underpin the UK’s critical national infrastructure (CNI) are under increasing cyber threat. Over seven in 10 cybersecurity decision-makers at UK CNI organisations reported a rise in cyberattacks since the start of the Ukraine war, according to new research by UK cybersecurity services firm, Bridewell.
The research, which surveyed 521 cybersecurity decision-makers in the communications, utilities, finance, government and transport and aviation sectors, reveals a high degree of concern about cyber warfare among operators of UK critical infrastructure. Over three-quarters (78%) are worried about the threat of cyber warfare against the UK’s critical national infrastructure with a quarter concerned that their systems are vulnerable. This raises concerns over the safety of the UK’s critical infrastructure with one in 10 also fearing their team wouldn’t be able to cope with a cyber warfare attack.
Concern over cyber warfare is significantly higher in the transport and aviation sector with 93% worried about the threat of cyber warfare. Over eight in 10 (86%) report increased cyberattacks since the start of the Ukraine war and 69% worry their systems are vulnerable to attack.
“As attacks rise in sophistication and volume, operators of critical national infrastructure must collaborate more effectively and share intelligence needed to protect infrastructure and society,” said Martin Riley, Director of Managed Security Services at Bridewell.
“Great progress has been made across the industry since the introduction of the NIS Regulations but it’s now imperative that organisations include threat intelligence in their cybersecurity strategies to strengthen resilience. Developing a culture of information-sharing among peers and supply chains is key to protecting our infrastructure and citizens.”
The findings follow a recent report from Microsoft which identified 237 attacks against from six Russian-affiliated groups. With IT teams under pressure to improve maturity, escalating geopolitical tensions have given a renewed sense of urgency to the need to strengthen cyber defences against nation-state attacks. Currently, only one in five say that they have implemented threat hunting and cyber intelligence, just half admit to receiving information about attacks through the disclosure of intelligence and less than half say they share their threat intelligence with peers.