+1 (342)-(323)-4923

UK power grid vulnerable as government failing on cyber security

UK power grid vulnerable as government failing on cyber security
By: Sky News Posted On: November 19, 2018 View: 7

UK power grid vulnerable as government failing on cyber security

The government is failing to deliver on promises to protect the UK's critical national infrastructure (CNI) from cyber attacks, a report from a parliamentary committee has warned.

The threat to critical infrastructure, including the power grid, is growing, the committee reported, with some states -"especially Russia" - starting to explore ways of disrupting CNI.

"In addition, some organised crime groups are becoming as capable as states, thereby increasing the number and range of potential attackers," the report added.

In a joint technical alert issued earlier this year, security agencies in the US and UK accused the Kremlin of being behind an ongoing hacking campaign targeting CNI in both countries.

The alert followed an advisory notice which warned that companies connected to CNI were being targeted by attackers believed to be based in eastern Europe.

Ciaran Martin, the head of the UK's National Cyber Security Centre (NCSC), has warned that a major attack on the country is a matter of "when, not if" - but the report accuses the government of failing to respond to this risk assessment "with a meaningful sense of purpose or urgency".

Describing the problem of cyber security within CNI as "wicked", the report published on Monday from the joint committee on the national security strategy, extends its criticism to the government's expectations of the NCSC, expectations which it said "are outstripping the resources put at its disposal".

:: What can the UK actually expect in a cyberwar

Picture shows Hinkley Point A to the right of development land where the reactors of Hinkly C nuclear power station at Hinkley Point will be built.
Image: Power stations including Hinkley Point could be targeted

Legislation developed by the European Union and implemented in the UK this year introduced fines of up to £17m for CNI organisations if their cyber security preparations were not up to standard.

Although the UK will keep these regulations following Brexit, the committee noted with concern that the country's "participation in EU-wide information-sharing and capacity-building is still subject to negotiation".

Stuart McKenzie, the EMEA vice-president at the incident response arm - Mandiant - of cyber security firm FireEye, said he agreed with the committee's description of cyber security as a "wicked" problem.

"Much of the technology used within CNI has grown organically, but remains fragile and relies on outdated technology in terms of security," Mr McKenzie explained.

"The threats facing CNI have constantly evolved, meaning that today's threat is something that wasn't imaginable when many of the systems were originally designed, leaving them increasingly vulnerable. "

:: Naming Russia offers cyber security its #MeToo moment

LONDON, ENGLAND - FEBRUARY 14: A member of staff poses for a photograph at a workspace in the National Cyber Security Centre on February 14, 2017 in London, England. The National Cyber Security Centre (NCSC) is designed to improve Britain's fight against cyber attacks and act as an operational nerve centre. (Photo by Carl Court/Getty Images)
Image: The NCSC was founded in 2016 to improve the UK's cyber security

The joint committee also identified a lack of identifiable political leadership to strengthen cyber security within the UK's critical infrastructure.

It wrote: "There is little evidence to suggest a 'controlling mind' at the centre of government, driving change consistently across the many departments and CNI sectors involved."

As such it called for a cyber security minister post to be created - effectively a Cabinet Office minister designated as a cyber security lead.

More from Science & Tech

This minister would "in a war situation, [have] the exclusive task of assembling the resources - in both the public and private sectors - and executing the measures needed to defend against the threat".

The government has not yet responded to the committee's report.

Read this on Sky News Ad1
  Contact Us
  Webhelios Ltd.

67/2 Lorem Ipsum

Tel : + (88) - 8XX XXX
Mail :
Business Hours : 9:30 - 5:30

  Follow Us

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Excepturi, dolores, quibusdam architecto voluptatem amet fugiat nesciunt placeat provident cumque accusamus itaque voluptate modi quidem dolore optio velit hic iusto vero praesentium repellat commodi ad id expedita cupiditate repellendus possimus unde?