IBM report reveals vulnerable UK energy system among top targets for cybercriminals

IBM report reveals vulnerable UK energy system among top targets for cybercriminals

IBM Security has released its 2023 X-Force Threat Intelligence Index, which revealed that the UK’s energy industry was among the primary targets for cyberattacks for the second consecutive year, seeing 16% of all attacks. The UK was the top-attacked country in Europe, accounting for 43% of the attacks X-Force observed, followed by Germany (14%), Portugal (9%), Italy (8%) and France (7%). 

With rising energy bills a key factor in the squeeze on UK consumer finances, the report highlights the threat of further pressure on an already vulnerable energy sector and the potential for data breach costs to trickle down to consumers through price rises. As many UK businesses strive to carefully manage costs, there is heightened risk of cybersecurity investment falling and vulnerabilities proliferating.

The most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or Business Email Compromise (BEC) attacks. With threat actors often seeking to exploit geopolitical tensions, the report found that Europe was the most targeted region for extortion in 2022. More than half of the cases X-Force observed in the UK involved extortion (57%) – twice the global average – followed by data theft (29%). 

Backdoor deployments – malware that provides remote access – were the most common attacker action observed in the UK in 2022, comprising 18% of cases. Gaining backdoor access often precedes ransomware attacks, Distributed Denial of Service (DDoS) attacks and deployment of remote access tools, which were each involved in 14% of UK incidents. 

Browse our latest issue

Intelligent CISO

View Magazine Archive