The systems that underpin the UK’s Critical National Infrastructure (CNI) are under increasing cyber threats. Over seven in 10 cyber security decision makers at UK CNI organisations reported a rise in cyber attacks since the start of the Ukraine war, according to new research by cyber security services firm Bridewell.
The research, which surveyed 521 cyber security decision makers in the communications, utilities, finance, government and transport and aviation sectors, reveals a high degree of concern about cyber warfare among operators of UK critical infrastructure. Over three quarters (78%) are worried about the threat of cyber warfare against the UK’s CNI with a quarter concerned that their systems are vulnerable. This raises concerns over the safety of the UK’s critical infrastructure, with one in 10 also fearing their team wouldn’t be able to cope with a cyber warfare attack.
Concern over cyber warfare is significantly higher in the transport and aviation sector with 93% worried about the threat of cyber warfare. Over eight in 10 (86%) report increased cyber attacks since the start of the Ukraine war and 69% worry their systems are vulnerable to attack.
“As attacks rise in sophistication and volume, operators of critical national infrastructure must collaborate more effectively and share intelligence needed to protect infrastructure and society,” says Martin Riley, Director of Managed Security Services at Bridewell.
“Great progress has been made across the industry since the introduction of the NIS Regulations but it’s now imperative that organisations include threat intelligence in their cyber security strategies to strengthen resilience. Developing a culture of information sharing among peers and supply chains is key to protecting our infrastructure and citizens.”
The findings follow a recent report from Microsoft which identified 237 attacks against from six Russian-affiliated groups. With IT teams under pressure to improve maturity, escalating geopolitical tensions have given a renewed sense of urgency to the need to strengthen cyber defences against nation-state attacks. Currently, only one in five say that they have implemented threat hunting and cyber intelligence, just half admit to receiving information about attacks through the disclosure of intelligence, and less than half say they share their threat intelligence with peers.