The UK’s Emergency Services are at risk of a major cyber attack. That’s the key finding of a new landscape analysis issued by threat intelligence provider Anomali. The detailed UK Threat Landscape Report, which explores the UK’s Critical National Infrastructure against threats and possible vulnerabilities, points towards a number of weak spots in the UK which could well attract an attack episode. According to Anomali, one of the most notable is the Defence Equipment and Supply Organisation which presents “a prime target” for actors seeking to disrupt defence procurement.
Other key findings of the analysis include the vulnerability of the UK’s energy infrastructure. 21% of all electricity is generated by 15 nuclear reactors, all of which are owned by EDF. This combination of monopoly of ownership and geographic clustering means that the civil nuclear sector is constantly on a high state of alert for a terrorist or cyber-related attack.
Commenting on the findings of the landscape analysis, Hugh Njemanze (CEO of Anomali) stated: “The UK presents a complex cyber risk picture. Previous foreign policy commitments and current tensions between NATO and other nation states make it a target for international terror organisations. Within the UK, the nature of the economy and industry present a combination of opportunity and risk to those looking to plan a hybrid attack. The network of small and medium-sized enterprises which support Critical National Infrastructure strengthens its resilience, whereas the geographical clustering of industries can weaken the system, in turn creating vulnerability to attack.”
Njemanze added: “The UK’s Emergency Services are a prime example of this. The breadth and complexity of the organisations which comprise this mean there are a number of points of potential weakness. The number of notable attacks over the past few years are testament to this weakness. It’s clear that the UK’s Emergency Services need to take action to stop this heightened risk becoming a reality. One of the best means of preventing these attacks is ensuring that knowledge of cyber threats is shared between Emergency Services operators such that all can ensure the resilience of their networks.”
In conclusion, Njemanze informed Risk UK: “In addition to this, the UK’s Financial Services sector, which is a key pillar of the economy, is highly vulnerable to cyber attacks. It’s subject to regular and significant stress tests by the Bank of England to prevent a major disruption to the economy.”