A recent report from Semperis reveals that over three-fifths of water and electricity firms in the US and UK were targeted by cyber-attacks in the past year. Of the 62% of companies affected, 80% experienced multiple attacks, with 59% suffering operational disruptions. More concerning, 54% of the affected organizations experienced permanent data or system corruption, highlighting the vulnerability of critical infrastructure. Semperis emphasizes the urgent need to harden these systems and protect essential services like power grids and water supplies.
The majority of the attacks targeted “Tier 0” identity systems, including Active Directory and Entra ID, whose compromise could give attackers complete network control. Recent examples of cyber threats include the Volt Typhoon group’s extended access to the OT network of Littleton Electric Light and Water Departments in Massachusetts. This Chinese APT group maintained access for nearly a year, showcasing the growing challenge utilities face in protecting their infrastructure. Similarly, the Russian Black Basta ransomware group targeted UK utility Southern Water, stealing sensitive data.
To address these challenges, Semperis recommends four key steps for improving cyber resilience in utility firms. These steps include identifying critical “Tier 0” infrastructure, prioritizing response and recovery efforts, and ensuring the security of backups. The foundation of these efforts lies in comprehensive documentation and real-world testing of incident response processes involving all stakeholders.
With cyberattacks on critical infrastructure on the rise, Semperis urges utility firms to focus on strengthening their defenses. The report stresses the importance of a proactive approach to cybersecurity, especially as both nation-state and criminal actors target the backbone of essential services. By taking preventive measures and preparing for quick recovery, these firms can better mitigate the risk of destructive cyberattacks.