Ukraine Flag

Cyber Attacks Against UK CNI Increase Amidst Russia-Ukraine War

Published 9 May 2022

72% report increase in cyber attacks targeting UK critical infrastructure, putting infrastructure and society at risk.

The systems that underpin the UK’s critical national infrastructure (CNI) are under increasing cyber threat. Over 7 in 10 cyber security decision makers at UK CNI organisations reported a rise in cyber attacks since the start of the Ukraine war, according to new research by UK cyber security services firm Bridewell.

The research, which surveyed 521 cyber security decision makers in the communications, utilities, finance, government and transport and aviation sectors, reveals a high degree of concern about cyber warfare among operators of UK critical infrastructure. Over three quarters (78%) are worried about the threat of cyber warfare against the UK’s critical national infrastructure with a quarter concerned that their systems are vulnerable. This raises concerns over the safety of the UK’s critical infrastructure with one in ten also fearing their team wouldn’t be able to cope with a cyber warfare attack.

Cyber Warfare Concern

Concern over cyber warfare is significantly higher in the transport and aviation sector with 93% worried about the threat of cyber warfare. Over 8 in 10 (86%) report increased cyber attacks since the start of the Ukraine war and 69% worry their systems are vulnerable to attack.

As attacks rise in sophistication and volume, operators of critical national infrastructure must collaborate more effectively and share intelligence needed to protect infrastructure and society. Great progress has been made across the industry since the introduction of the NIS Regulations but it’s now imperative that organisations include threat intelligence in their cyber security strategies to strengthen resilience. Developing a culture of information-sharing among peers and supply chains is key to protecting our infrastructure and citizens.

Martin Riley, Director of Managed Security Services, Bridewell

The findings follow a recent report from Microsoft which identified 237 attacks against from six Russian-affiliated groups. With IT teams under pressure to improve maturity, escalating geopolitical tensions have given a renewed sense of urgency to the need to strengthen cyber defences against nation-state attacks. Currently, only 1 in 5 say that they have implemented threat hunting and cyber intelligence, just half admit to receiving information about attacks through the disclosure of intelligence, and less than half say they share their threat intelligence with peers.

Bridewell is a cyber security services company providing global, 24/7 managed detection and response services and cyber security consultancy.

With extensive experience in delivering large-scale transformational projects in highly regulated environments, Bridewell enables organisations to drive strategic change securely, providing a full breadth of end-to-end cyber security services. Its expert team comprises a diverse range of highly skilled consultants, supported by industry leading technology, deep technical expertise, accredited methodologies and a client-centric business driven approach.