Nuclear power stations face critical cyber threat, warns energy minister

International cyber criminals are targeting security vulnerabilities in critical national infrastructure including the UK’s power stations and transport network, ministers have warned

by the commentator on 3 April 2017 10:27

Jason-blackeye-136827

Britain’s Critical National Infrastructure (CNI) is facing a growing threat from cyber terrorists, government ministers have warned. Speaking to the Sunday Telegraph Jesse Norman, the energy minister said that nuclear plants must make sure that they “remain resilient to evolving cyber threats”.

Mr Norman added  “The Government is fully committed to defending the UK against cyber threats, with a £1.9 billion investment designed to transform this country’s cyber security.”

It is understood that hackers are seeking to breach the cyber security of major nuclear site to launch a terrorist attack.

Norman also said the civil nuclear strategy published in February sets out ways to ensure that the civil nuclear sector “can defend against, recover from, and remain resilient to evolving cyber threats”.

The gravity of the threat was underlined by Peter Carlisle, European chief at Thales e-Security who said, “Cyberattacks against critical national infrastructure are set to increase dramatically as criminals develop increasingly heinous methods to jeopardise Britain’s national security. From power stations to the transport network, the risk to the public remains severe, especially if hackers are able to gain access to electronic systems.

Carlisle continued, “To tackle this, the security industry must stand shoulder to shoulder with the government to protect data and critical infrastructure from attack and ensure hostile forces never have the opportunity to do us harm.”

Responding the news, Dr Malcolm Murphy, Technology Director, Western Europe, Infoblox said, “Attacks against IT networks are becoming increasingly common and, if carried out against critical national infrastructure, can represent a significant threat to national security.

In addition to the damage caused to the networks themselves, a DDoS attack on an organisation’s Domain Name System can be used to prevent communication of and around the attacks, causing confusion and panic as seen in the attack on the Ukraine power grid in 2015.”

Meanwhile Joep Gommers, CEO at EclecticIQ said, “With the threat landscape evolving, and attacks becoming ever-more sophisticated, having time to stop and think about the actor behind the malicious intent may seem like a luxury. However, businesses and governments need to start looking at cyberattacks from the adversary's perspective, pinpointing the actor’s motivation behind the attack.

“Until those actor’s motivations are fully understood, any attempt to prevent attacks, on critical infrastructure or otherwise, will be based on the outcome of the attack rather than providing an intelligent view into what indicators pre-empt an attack.

“Whatever the intent, understanding the business model or motive of the actor can provide an organisation or government with enough insight to not only influence it, but stop it altogether and be ready for similar attacks in the future. Intelligence plays a key role in providing a bigger picture beyond the impact of the attack itself and is critical to developing an effective defence,” concluded Gommers.

Comments
blog comments powered by Disqus