Critical national infrastructures such as the energy sector, public transportation, commercial facilities, government and defense, and medical services, among others, have been under attack in recent years, following a large volume of security vulnerabilities and a lack of encryption.
Countries around the world have detected cyberattacks on their infrastructures, but no attack dominated the media spotlight as much as the 2010 computer worm Stuxnet. The piece of sophisticated malware went after SCADA systems and was launched against Iran’s nuclear network, causing severe damage. After research, the idea that the US and Israel were behind the attack became popular, even neither government officially acknowledged it.
There is obviously a need for increased cybersecurity in health, logistics and energy, especially since many governments have been investing in projects to incorporate the Internet of Things into daily life and operations. While a lot of cities are looking into becoming smart, connected devices represent a top risk, increasing chances of getting hacked due to a lack of proper security patches and countless vulnerabilities. What’s worse is that hackers are no longer simply doing it for fun, but are after serious cash because they can attract funding from government seeking to go after rival nations.
On this note, British MPs want to bring to the attention of Parliament the urgency to improve the country’s cybersecurity and early-detection strategy, fearing their critical national infrastructure is at serious risk. A survey by NCC Group and YouGov found that MPs believe cyberattacks that will cripple their nuclear framework, hospitals and energy services are only a matter of when, not if. As many as two thirds of respondents said the biggest threat at the moment is a cyberattack launched against the country’s critical infrastructures.
The survey further states that 75 percent fear a leak of their personal emails could jeopardize the security of the House of Commons. Conservatives appeared more concerned about hacks on nuclear infrastructures, while Labour MPs were more concerned about democratic interference.
“It’s very positive to see that a majority of MPs are aware of the different threats we face and realize the gravitas of a successful attack, particularly with regards to our resilience as a nation,” said NCC Group’s Global Chief Technical Officer Ollie Whitehouse.
“In recent years, the government has been proactive in implementing initiatives to strengthen the UK’s stance against evolving technical and geopolitical threats which attempt to compromise the integrity of our nations. MPs play a significant role in these initiatives, so it’s important to maintain continued education around modern threats and informed dialogue amongst all stakeholders. This will ensure that parliamentary staff at all levels understand the steps they need to take, in both their professional and personal lives, in order to address cyber risk head on.”
EU’s NIS Directive, incorporated by the UK into national law, institutes guidelines to assist businesses and organizations with their cybersecurity strategy. Even though the process of understanding and fully complying with NIS and GDPR can be exhausting, the NIS directive outlines step-by-step measures that can be implemented by operators of essential services and digital services providers to contain attacks.