Feature

Cyberattacks on critical energy infrastructure ‘have increased dramatically’

Bridewell’s Anthony Young and Nozomi’s Edgard Capdevielle unpack the cyber threats facing critical UK infrastructure firms with Kris Cooper.

Powered by

Credit: Alexander Supertramp / Shutterstock

Cyberattacks on organisations continue to rise, and one sector in particular that is being targeted is that of critical national infrastructure (CNI) – the systems that are required for a country to run. 

Indeed, late last year, the UK’s National Cyber Security Centre said that the country’s critical sectors were facing an “enduring and significant threat amid a rise of state-aligned groups, an increase in aggressive cyber activity and ongoing geopolitical challenges.” 

Cyberattacks against CNI organisations can have significant impacts, with the potential to disrupt the likes of water and energy supplies. 

While the threat to CNI organisations has been rising over the last 10 years, the 2021 Colonial Pipeline ransomware attack in the US came as a wake-up call for many. 

The wide-scale disruption and effect on energy prices highlighted both to governmental officials at the White House and energy firms how vigilant and resilient they need to be in the face of an increasing number of cyberattacks. 

Such is the growing threat faced in the sector that there are now a host of cybersecurity firms now specifically focussed on helping CNI firms build cyber resilience and protection – among them US-based Nozomi Networks and UK-based Bridewell. 

Increasing threat of cyberattacks

Speaking to Power Technology's sister publication Verdict, Nozomi Networks CEO Edgard Capdevielle says that the sector rarely experienced cyberattacks a decade ago when the company was founded, and thus cybersecurity protection was limited. Now, ten years on, he says: “The nature and frequency of attacks has increased dramatically.” 

In the face of this increasing level of attacks, Bridewell’s CEO Anthony Young says he has witnessed an increase in cyber maturity within CNI over the last couple of years. He notes that, while financial services used to be the primary target for cyber attackers, they have since recognised the financial and political potential of disrupting CNI, with a key tool for this being ransomware. 

“Ransomware allows you to monetize anything,” explains Capdevielle, meaning that disruption to resources like gas can be incredibly lucrative for attackers. 

While many attacks are still financially motivated, there are also many geopolitically motivated attacks carried out within CNI especially. These are increasingly perpetrated by state-sponsored actors and activists. 

Notably, on the geopolitical side, Young says that many actors are compromising systems but not attacking or exfiltrating information. They, may simply observe the internal operations or retain access until they want to act. The potential results of such attacks, like blackouts or interruptions to water supplies, can be used to sow chaos, discord and fear within populations. 

Cyber threats for CNI

CNI organisations are targeted by a variety of attacks, with distributed denial-of-service (DDoS) attacks being common, as well as phishing and ransomware attacks. 

There are also more complex attacks that involve infiltrating a system to monitor it and nation-state-type attacks that affect operational technology. Young says that, when Bridewell is working with CNI organisations, “lie and wait” system breaches are commonly observed. 

He adds that, with the ever-expanding range of platforms used by businesses, “the attack surface is constantly growing” – a sentiment echoed by other cybersecurity experts. 

Noting another widely recognised emerging trend in cybersecurity, Capdevielle points to artificial intelligence as an increasing part of the threat to the CNI sector – in particular to help automate attacks. 

“A lot of people see artificial intelligence as a light switch, meaning it was off and then somebody flipped it and now it’s on,” he says. “That’s not the case to look at it at all. I would see it more as a gradual spectrum, where people start just using computing and scripts to automate human labour.” 

Both Capdevielle and Young emphasise the importance for CNI organisations of cyber resilience – knowing at some point an attack is inevitable but having the playbooks to recover and rebuild any systems and data. 

“A lot of people just practice their backups, and then never practice the recovery, and the recovery is super, super critical,” says Capdevielle. 

Go to article: Home | Cybersecurity in the age of AIGo to article: ContentsGo to article: BriefingGo to article: Foreword: Cybersecurity in the age of AI Go to article: Navigating the AI-driven cybersecurity landscapeGo to article: Key trends impacting cybersecurity Go to article: Timeline: a history of cybersecurity Go to article: Explainer: The most common types of cyberattacks Go to article: AI attacks now ‘the main cybersecurity concern’ for businesses across sectors Go to article: The state of cybersecurity: AI and geopolitics mean a bigger threat than ever Go to article: Companies’ own AI applications are ‘a huge cybersecurity problem’ Go to article: Regulators must protect the cybersecurity market from a private equity takeover Go to article: HealthcareGo to article: The impact of cybersecurity on healthcareGo to article: Case studies: cybersecurity in healthcare Go to article: Leading cybersecurity adopters and providers in healthcareGo to article: How healthcare cybercrime is predicted to escalate Go to article: Healthcare cybersecurity risk ‘higher than ever’ due to pandemicGo to article: Industry takes: Keeping healthcare businesses cybersecure Go to article: Rubrik’s Richard Cassidy on cyberattacks and resilience in healthcare organisationsGo to article: Cyberattacks on healthcare: Russia’s tool for mass disruption Go to article: Traceability technologies tighten supply chain fakery Go to article: Could brain-computer interfaces be hacked? Go to article: Deal activity related to cybersecurity in the pharma industry since 2021 Go to article: Deal activity related to cybersecurity in the medical industry since 2021 Go to article: EnergyGo to article: The impact of cybersecurity on the energy sector Go to article: Case studies: cybersecurity in energy Go to article: Leading cybersecurity adopters and providers in power Go to article: Cyberattacks on critical energy infrastructure ‘have increased dramatically’ Go to article: Report: Nuclear industry faces acute cybersecurity threats Go to article: The energy transition means increased attack surfaces for hackers Go to article: Deal activity related to cybersecurity in the power industry since 2021  Go to article: Cyber threat to oil and gas driven by geopolitics, extortion Go to article: How has cybersecurity changed since the Aramco hacks? Go to article: Deal activity related to cybersecurity in the oil and gas industry since 2021  Go to article: MiningGo to article: The impact of cybersecurity on miningGo to article: Case studies: cybersecurity in miningGo to article: Leading cybersecurity adopters and vendors in miningGo to article: Proactive approach to cybersecurity key for minesGo to article: ‘Operational disruption’ the main cybersecurity threat in miningGo to article: Why the mining sector should prioritise investment in cybersecurityGo to article: Will the Northern Sea Route become commercially viable in the near future?Go to article: Deal activity related to cybersecurity in the mining industry since 2021Go to article: DefenceGo to article: The impact of cybersecurity on defence Go to article: Case studies: cybersecurity in defence Go to article: Leading cybersecurity adopters and providers in defence Go to article: Latest news: Ukraine war dominant in cyber operationsGo to article: Sweden’s Nato accession: a cyberattack-filled saga Go to article: Germany recalls ambassador to Russia over cyberattacks Go to article: Why have cyberattacks in Poland spiked since Donald Tusk’s election? Go to article: How did China hack the UK Ministry of Defence? Go to article: Will IoT in defence continue to grow amid cybersecurity concerns? Go to article: AI Innovations wants to use semi-autonomous drones to save lives in Ukraine Go to article: Deal activity related to cybersecurity in the aerospace & defence industry since 2021  Go to article: Consumer GoodsGo to article: The impact of cybersecurity on the consumer goods sector Go to article: Case studies: cybersecurity in the consumer sector Go to article: Leading cybersecurity adopters and providers in consumer goodsGo to article: Latest news: Cybersecurity in packagingGo to article: Cybersecurity rising concern for packaging firms as digitalisation raises threat Go to article: Packaging companies must protect production lines from cyberattacks –analyst Go to article: Cybersecurity boost: Packaging learns from recent IT outages Go to article: Deal activity related to cybersecurity in the packaging industry since 2021  Go to article: Latest news: Cybersecurity in drinks Go to article: Drinks industry faces cybersecurity challenges from smart manufacturing Go to article: Brown-Forman chief talks cybersecurityGo to article: Modern supply chains open up cyber weak spotsGo to article: BankingGo to article: The impact of cybersecurity in banking and payments Go to article: Case studies: cybersecurity in banking Go to article: Leading cybersecurity adopters and providers in banking & payments Go to article: Latest news: cybersecurity in bankingGo to article: AI needed to tackle AI fraud – cybersecurity expert Go to article: What are the main cybersecurity trends of 2024? Go to article: What does the Economic Crime Act mean for foreign investors to the UK? Go to article: Regulators make crypto more attractive to institutions – NYU professor Go to article: Finance firms and ex-spies: strange bedfellows in a war-torn world Go to article: Monzo adds friction to fight fraud—but the features may not be popular with customers Go to article: Looking to stop payment fraud? Modernise your approach to bank validation Go to article: Governments must intervene on anti-fraud funding for real-time payments Go to article: Knowledge sharing puts finance sector among best for cybersecurity Go to article: Deal activity related to cybersecurity in the retail banking industry since 2021  Go to article: Sponsorship opportunitiesGo to article: GlobalData Thematic IntelligenceGo to article: Next issue