UK’s critical infrastructure vulnerable to DDoS attacks
According to data revealed under the Freedom of Information Act by Corero Network Security, over one-third of critical infrastructure organizations in the UK are vulnerable to DDoS attacks. As per Corero, 39 percent of companies have ignored the risk of attacks on their network, leaving themselves vulnerable to data breaches, malware, and ransomware.
In a statement issued today, Sean Newman, director of product management at Corero, comments: “Cyber-attacks against national infrastructure have the potential to inflict significant, real-life disruption and prevent access to critical services that are vital to the functioning of our economy and society. These findings suggest that many such organizations are not as cyber resilient as they should be, in the face of growing and sophisticated cyber threats.”
Newman adds, “By not detecting and investigating these short, surgical, DDoS attacks on their networks, infrastructure organizations could also be leaving their doors wide-open for malware or ransomware attacks, data theft or more serious cyber attacks.”
Under the UK government’s proposals to implement the EU’s Network and Information Systems (NIS) directive, these organizations could be liable for fines of up to £17 million, or four percent of global turnover.
David Emm, principal security researcher at Kaspersky Lab, said, “The world isn’t ready for cyber-threats against critical infrastructure – but criminals are clearly ready and able to launch attacks on these facilities. We’ve seen attempts on power grids, oil refineries, steel plants, financial infrastructure, seaports and hospitals – and these are cases where organizations have spotted attacks and acknowledged them. However, many more companies do neither, and the lack of reporting these incidents hampers risk assessment and response to the threat.”
Edgard Capdevielle, CEO of Nozomi Networks, also commented: “This report emphasizes the impact of DDoS attacks and how they are often used as a cover to distract security teams while infecting systems with malware or stealing data. Such initiatives are often the first step in ‘low and slow’.” He further added, “In light of this information, CNI organizations should give a high priority to re-assessing their cyber-security programs, evaluate where they are in relation to government recommendations, and inform themselves about current technologies available for protection… The right approach is to both shore up defenses and be able to quickly respond when attacks do occur.”
Speaking about CNI, Eldon Sprickerhoff, founder and chief security strategist at eSentire, said, “Although cyber-security regulations will require significant effort for the companies that are affected, this new legislation by the UK government demonstrates that they understand the severity of cyber-threats in today’s digital world and the destruction they can cause, if undeterred. Even if you’re not a CNI, cyber-threats should concern you. With cyber-criminals constantly adjusting their tactics, it is imperative that companies never stop defending themselves by constantly improving and expanding their cyber-security practices. Managed detection and response and incident response planning are common ways companies can stay ahead of their attackers.”
Here are five tips to help you stay ahead of cybercriminals:
- Encryption – store sensitive data so that it is only readable with a digital key
- Integrity checks – regularly check for any changes to system files
- Network monitoring – use tools to help you detect suspicious behavior
- Penetration testing – conduct controlled cyber-attacks on systems to test their defenses and identify vulnerabilities
- Education – train your employees in cyber-security awareness and tightly manage access to any confidential information