Intelligent CISO Issue 40 - Page 41

EXPERT OPINION

The ‘ cumulative effect ’ of ransomware and the lessons for UK national infrastructure

Ransomware has quickly become one of the biggest threats to organisations , and business leaders must get a hold on their infrastructure and ensure they operate with the most stringent security procedures in place . Adam Enterkin , SVP , EMEA , BlackBerry , tells us what the UK should be learning from the recent Colonial Pipeline hack and how we must prepare in order to give ourselves the best chance of protecting data , funds and the daily lives of all those living in the UK .
Ransomware is the

R biggest threat to British people and businesses . That ’ s according to Lindy Cameron , Chief Executive of the UK ’ s National Cyber Security Centre .

In a recent speech , she warned of the ‘ cumulative effect ’ society would feel if it failed to deal with this rising threat . But what effect is she speaking of ?
We need only look to our US neighbours to answer this . The Colonial Pipeline hack in May 2021 pushed gasoline shortages to their worst in three years . Prices skyrocketed , impacting citizens and businesses simply wishing to go about their daily lives .
For all this disruption , there was little justice . Its perpetrator , DarkSide , is – by all estimations – still at large and ready to strike again .
Connected infrastructure is at greatest risk
Over the last 10 to 15 years , critical infrastructure has become increasingly connected to the Internet : highly connected hospitals , water and energy systems powered by intelligent sensors , government operations with deep roots in data and many more . This obviously has its benefits : most importantly the ability to be operated remotely . However , this connectivity also means the systems we rely on for our health , power and national security are susceptible to cyber threats . And in this regard , the Colonial Pipeline attack should serve as a wake-up call to those out there that needed one , as well as a reminder to those of us who were already aware of the threat .
All eyes have been on the UK ’ s critical national infrastructure , and particularly the NHS , since the pandemic began . Defending it is at the heart of the new Integrated Review of the UK ’ s foreign , defence , security and development policy , which seeks to ensure that those in control of Critical National Infrastructure have the knowledge , strategy and security to combat threat actors bent on bringing it down . But the infancy of this initiative means that some industries are still in the dark regarding the urgency of the threat and how to defend against it .
Ageing critical infrastructure around the globe has long been ripe for attack . Last year , the UK ’ s National Cyber Security Centre issued a joint warning alongside the US warning of Russian attacks on millions of routers , firewalls and devices used by infrastructure operators and government agencies .
The UK faces increasingly sophisticated threats from private attackers
What makes this situation more perilous is the fact that the Colonial Pipeline www . intelligentciso . com
41