THE National Cyber Security Centre (NCSC) has issued a warning of heightened cyber threat to UK critical national infrastructure due to the risk posed by Russia state-aligned actors.
Pro-Russia ‘hacktivists’ have been targeting vulnerable small-scale industrial control systems in the UK, Europe and North America with more attacks expected over the coming months to target critical national infrastructure.
The NCSC outlined that the threats have largely been technically unsophisticated although US agencies have reported physical disruption to operations. The majority of activity so far has been DDoS attacks and website defacements.
David Manfield, Associate Director for Cyber Security at Investigo, part of The IN Group, comments: “During periods of heightened cyber threat organisations must re-evaluate their cyber defences, from technology to people, to ensure they can remain robust in the face of an attack. Alarmingly, cyber staff is the top talent pain point for over a third of organisations, according to our Tech and the Boardroom survey, highlighting a stark gap in cyber readiness. Especially in the era of AI-enabled cyber threats, organisations should prioritise building a more diverse pipeline of tech talent, actively recruiting staff with specialist cyber skills that can lead and implement policies and technology adoption to bolster defences.”
Ideologically driven state-aligned groups, often sympathetic to the Russian invasion of Ukraine, have been behind a series of threats over the past 18 months.
In response, the NCSC has urged all operational technology owners and operators to follow recommended mitigation advice to bolster cyber defences. With a focus on critical national infrastructure, the NCSC said: “We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected.”
Achi Lewis, Area VP EMEA for Absolute Security, commented: “Cyber resilience should be the top priority for the NCSC, government and businesses, underpinning comprehensive cyber defence measures to combine reactive, preventative and recovery procedures. With cyber-attacks being a case of when, not if, particularly when it comes to critical national infrastructure, it is vital that organisations ensure their endpoint devices are best protected against threats to best mitigate the threat and impact of a breach.”
“For many devices, essential security tools are failing, as shown in our Cyber Resilience Index. When not supported by remediation capabilities, Endpoint Protection Platforms and network access security applications on managed PCs fail to operate effectively 24 per cent of the time, opening high-risk security gaps and making them vulnerable to breaches. While central networks appear a desirable entry point for malicious attackers, endpoints can be an easy route into an organisation’s systems if they’re behind patching and lack the necessary security controls.”
Oseloka Obiora, CTO, RiverSafe said: “Any attack against critical national infrastructure could have a catastrophic impact on public services, requiring sturdy cyber defence measures. In order to effectively mitigate the impact of cyber threats, security teams need comprehensive network visibility to enable them to both detect and address vulnerabilities before significant damage is caused.”
“Specifically in dispersed environments, observability should be at the core, monitoring the condition of networks, infrastructure and applications based on data outputs to ensure issues can be identified and resolved swiftly. Effective network visibility through observability could be the difference between hours and days’ worth of downtime should a successful attack occur.”
