Protecting the Critical National Infrastructure
The Growing Threat to National Security and Infrastructure
Critical national infrastructure (CNI) organisations are targeted by some of the most advanced and persistent threat actors in the world. The services CNI organisations provide are critical to consumers and the government, so it is essential to understand the maturity of an organisation’s security against relevant threats that their infrastructure faces.
The UK’s National Cyber Security Centre (NCSC) believes there is also a growing cyber threat. There are now more devices connected to the internet than ever before, and with the growth of our dependence on technology comes increased risk. We know there are hostile states and cyber criminals that may seek to exploit UK organisations and infrastructure to further their own agenda and prosperity. Campaigns can be persistent, including espionage, intellectual property theft or extortion by ransoming data, or through malware.
Get protected todayBy 2025, 30% of critical infrastructure organisations will experience a security breach that will result in the halting of an operations- or mission-critical cyber-physical system.
Gartner, Inc
Examples of cyber attacks on National Infrastructure
‘Sandworm’ Attacks Ukraine Power Grid
In the middle of winter, in 2016, half the population of a region in Ukraine (700,000 people) found themselves without power. The reason was due to a malware attack that had gained entry to the nation’s power facility after a barrage of DDoS, spear phishing, and BGP hijacking attacks. Purportedly by Russian hacker group ‘Sandworm’, the attack caused complete power failure for 6 hours in temperatures of -5 degrees Celsius. Companies, as well as private individuals, bore the brunt of the attack suffering disruptions to business and their daily lives.
WannaCry Ransomware Attack
The best-known cyber-attack affecting UK CNI—the 2017 WannaCry ransomware attack which caused significant disruption to NHS medical services—did not even deliberately target the UK. In August 2023 the Electoral Commission announced that hackers had obtained the details of tens of millions of British voters in a “complex cyber-attack” which went undetected for more than a year.
The UK’s National Cyber Security Centre (NCSC) has warned of the “enduring and significant” cyber threats faced by the nation’s critical infrastructure. In its seventh Annual Review, the NCSC highlighted the need for the UK to accelerate work to keep pace with the evolving threat landscape amid a rise of state-aligned groups, an increase in aggressive cyber activity and ongoing geopolitical challenges.
Over the past 12 months, the NCSC has observed the emergence of a new class of cyber adversary in the form of state-aligned actors, often sympathetic to Russia’s further invasion of Ukraine, targeting the UK’s critical infrastructure. These include providers of safe drinking water, electricity, communications, transport, and internet connectivity.
Download the NCSC reportTo see how Veracity can help you
The first line of defence
The first line of defence for critical infrastructure is stopping bots compromising the public facing parts of critical infrastructure providers, such as websites & web apps – remembering that many management platforms for critical infrastructure will be web apps and also by not allowing bots to gather information from websites that may be used to support another attack, for example phishing.
Read article
Award-winning malicious bot protection.
Cyber Award Winner 2021
AI-Enabled Data Solution of the Year – DataIQ Awards 2023 Finalist
Tech Innovation of the Year Winner – Leeds Digital Festival Awards
Cyber Security Company of the Year – UK Business Tech Awards 2023 Finalist
Tech Leader of the Year – Tech Awards 2023 Finalist
Best Use of AI – Tech Awards 2023 Highly Commended
