42% of Critical Infrastructure organisations[1] have suffered a data breach, with 93% observing an increase in attacks.
The most common threats encountered were malware, phishing and ransomware. Nearly a quarter (24%) reported having fallen victim to a ransomware attack in the past year, with 11% paying the ransom.
The leading causes of cloud-based breaches include:
- Human error came out on top, accounting for 34% of all attacks
- Exploiting a known vulnerability followed at 31%
- Failure to apply multifactor authentication (MFA) to privileged accounts (20%) was identified as another notable cause
- Almost a third (30%) of CI organisations also experienced an insider threat incident
Compliance and planning errors
There’s a strong correlation between compliance achievement and reduced breaches. Of those who failed a compliance audit in the last 12 months, 84% reported having experienced a breach in their history. For those that have not failed a compliance audit, only 17% have any breach history, with just 2% having a breach in the last 12 months.
Despite 93% reporting an increase in attacks, limited planning and compliance continue to plague CI organisations: ransomware attacks are up 4% since 2022 and only 15% have a formal ransomware plan in place.
Emerging threats
69% of CI respondents are worried about the risk of encryption compromise when quantum computing becomes a reality. Despite this, only half plan to create resilience contingency plans to satisfy quantum computing security concerns in the next 18-24 months.
The shift to cloud environments has also proved problematic for CI organisations, with 51% agreeing that managing security in the cloud is more complex than managing security within on-premise environments. The majority (55%) also stated they are concerned about the security of their data in the cloud, highlighting the need for robust cloud security measures.
“Critical National Infrastructure operates across countless industries – from the utilities that households and businesses rely upon, to the telecommunications and transport systems that keep society running. Needless to say, CI organisations face very tangible consequences should a breach be successful,” said Tony Burton, Managing Director – Cyber Security & Trust at Thales UK.
“By operating complex, highly diverse, and inter-dependent technologies, the range of risks on the table is also diverse. This report highlights the need for CI organisations to take proactive measures to build cyber resilience across their distributed operations, addressing human error, ransomware, compliance, and access management concerns. Emerging technologies, if leveraged appropriately, will ultimately provide greater efficiencies and security on these fronts.” Burton added.