On 19th April 2023, the UK National Cyber Security Centre (NCSC) issued an alert warning of an emerging threat from state-aligned groups to critical national infrastructure. Within the alert, the NCSC describes the state aligned groups that " are often sympathetic to Russia’s invasion of Ukraine and are ideologically, rather than financially, motivated”.
This alert aligns with findings from Bridewell’s recently published Cyber Security in CNI Organisations: 2023 report, which found that almost eight-in-ten (78%) of respondents are worried now about the threat of cyber warfare against UK critical infrastructure.
A Heightened Risk to Western Critical National Infrastructure
The NCSC’s alert goes on to describe how these groups frequently utilise DDoS attacks, website defacements and the spread of misinformation. However, some of these groups have described more disruptive and destructive goals in impacting western Critical National Infrastructure (CNI) organisations – including those within the UK.
- 2016 - Indestroyer/CrashOverride attack on Ukraine energy systems
- 2017 - Triton/ TRISIS malware that targeted safety instrumented systems at a middle eastern petrochemical plant
- 2021 - The Colonial Pipeline IT network attack, which caused the company to shutdown one of the largest oil pipelines in the US for several days to stop the ransomware from spreading
- 2022 Pipedream – A further attack framework discovered, which can impact programmable logic controllers (PLCs). Whilst it is not known to have been employed in a successful cyber security attack, it demonstrates a significant evolution in attack capabilities against industrial control systems
“Without external assistance, we consider it unlikely that these groups have the capability to deliberately cause a destructive, rather than disruptive, impact in the short term. But they may become more effective over time, and so the NCSC is recommending that organisations act now to manage the risk against successful future attacks.”
Assured Cyber Security Consultancy
- Risk assessment
- Risk management
- Audit and review
- CAF assessments
“Bridewell is endorsed by the NCSC to provide a number of consultancy services, the breadth and depth of knowledge and skills are constantly working to help make our world a safer place. The NCSC recommends that organisations act now to manage the risk against future successful attacks. The NCSC has a range of guidance already available online, for organisations seeking a conversation or some support in response to the emerging threat, our assured services are testament to the work we do and we would be more than happy to help."
- NCSC CAF
- IEC 62443
- ISO 27001 and ISO 22301
- NIST 800-53
- GDPR and data privacy
- Managing security risk
- Protecting against cyber attack
- Detecting cyber security events
- Minimising the impact of cyber security incidents
Bridewell CNI Research Report
As part of CYBERUK 2023, Bridewell has released a new CNI research report, which surveyed over 1000 cyber security decision makers across the UK and US’ critical national infrastructure to understand their current cyber security challenges and levels of maturity. Some of the top level findings include:
- 65% of CNI organisations are seeing a reduction in their security budgets
- 62% of CNI organisations agree it takes too long to detect and respond to threats
- Only 21% of organisations have implemented 24/7 security monitoring on IT