SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers

A new study conducted by Semperis has uncovered significant cyber threats facing water and electricity utilities in the UK and US, revealing that 62% of these operators have been affected by cyberattacks in the past year.

The survey, which included 350 operators, indicated that of the organisations hit by cyber threats, 57% experienced operational disruptions, and 54% endured permanent corruption or destruction of their data or systems. Furthermore, 59% of the attacks were attributed to nation-state-sponsored actors, highlighting the severity of the threat landscape faced by these critical infrastructure sectors.

The study pointed out that identity systems, including Active Directory, Entra ID, and Okta, were compromised in 67% of attacks. Additionally, 15% of operators remained uncertain about whether their identity systems had been breached.

Commenting on these findings, Chris Inglis, Semperis Strategic Advisor and former US National Cybersecurity Director, remarked on the potential infiltration of public utilities by Chinese threat actors. "Many public utilities likely don't realise that China has infiltrated their infrastructure. For instance, Chinese-sponsored threat actors like Volt Typhoon are known to prefer Living off the Land attacks, which are difficult to detect and can remain dormant, planting backdoors, gathering information or waiting to strike for months or even years," Inglis noted.

Recent events illustrate the vulnerabilities highlighted by the study. In the US, a cyber breach at American Water Works led to service disruptions, while in the UK, Southern Water experienced a significant data breach, impacting personal information due to the actions of the hacker group Black Basta.

Mickey Bresman, CEO of Semperis, emphasised the necessity to enhance resilience to ongoing threats. "If you don't improve resilience, attackers keep coming. Utilities have an opportunity to address this challenge. They need to assume breaches will happen, and through tabletop exercises, they can practice attack scenarios that could be a reality in the future," Bresman stated.

In the context of cyber resilience, the study underscores the critical nature of utilities' work and the potential public health risks associated with disruptions in water and electricity supply. "The systems that supply our power grids and our clean drinking water are the underpinning of everything we do. And yet we go about our business, confident that somebody else is going to handle it. Somebody else isn't going to handle it. We need to harden our systems and extract criminal elements — now," Inglis added.

To enhance resilience, the report suggests that utilities identify essential infrastructure components for recovery, prioritise incident response and recovery, document processes, and practise real-world scenarios beyond the immediate IT environment. It highlights the importance of secure recovery solutions, as attackers might target backups during recovery attempts.
