British critical infrastructure at risk – Report of the United Kingdom Joint Committee on National Security Strategy
The UK’s Joint Committee on National Security Strategy (JCNSS) has published an alarming report warning of the potential consequences of ransomware attacks (involving the blocking of data for ransom and its potential disclosure or destruction) against the country’s critical infrastructure. According to the committee, the United Kingdom faces a real threat, and a coordinated attack could cause serious damage to the country’s security system, economy, and the daily lives of its citizens. The Committee’s Chair, Margaret Beckett, stated during the report presentation that “the United Kingdom is one of the most digitally attacked countries in the world.”
The report indicates that the country’s critical infrastructure, including healthcare and local government sectors, is vulnerable to cyberattacks and incapable of fully preventing them. Some sectors rely on older computer systems or have limited financial capabilities, making them particularly susceptible to such cyber threats. The report also identified the Achilles’ heel of British critical infrastructure as supply chains in the energy, water, telecommunications, and transportation sectors.
The Commission emphasizes that an attack could occur at any time, and the current defensive measures of the government are insufficient to effectively protect against a large-scale attack. Importantly, the report confirmed that the majority of hacker groups attacking the United Kingdom originate from Russia or neighboring countries and conduct attacks with the silent approval of the Kremlin. Among the sources of cyberattacks, groups of hackers from North Korea and Iran were also identified.
In light of this, the parliamentary committee calls on the government to take urgent steps to strengthen the country’s defense and readiness. The implementation of existing cybersecurity resilience regulations has been deemed inadequate. Allocating resources and increasing funding for agencies combating ransomware attacks, which have become a major threat to national security, is considered a top priority.
The Committee also proposed conducting regular national exercises to prepare for the consequences of serious attacks and modernizing and increasing funding for the National Cyber Security Centre (NCSC). The UK government has two months to respond to the published recommendations and present an action plan to secure the country against potential attacks.