UK power grid vulnerable as government failing on cyber security

4 min


The government is failing to deliver on promises to protect the UK’s critical national infrastructure (CNI) from cyber attacks, a report from a parliamentary committee has warned.

The threat to critical infrastructure, including the power grid, is growing, the committee reported, with some states -“especially Russia” – starting to explore ways of disrupting CNI.

“In addition, some organised crime groups are becoming as capable as states, thereby increasing the number and range of potential attackers,” the report added.

In a joint technical alert issued earlier this year, security agencies in the US and UK accused the Kremlin of being behind an ongoing hacking campaign targeting CNI in both countries.

The alert followed an advisory notice which warned that companies connected to CNI were being targeted by attackers believed to be based in eastern Europe.

Ciaran Martin, the head of the UK’s National Cyber Security Centre (NCSC), has warned that a major attack on the country is a matter of “when, not if” – but the report accuses the government of failing to respond to this risk assessment “with a meaningful sense of purpose or urgency”.

Describing the problem of cyber security within CNI as “wicked”, the report published on Monday from the joint committee on the national security strategy, extends its criticism to the government’s expectations of the NCSC, expectations which it said “are outstripping the resources put at its disposal”.

:: What can the UK actually expect in a cyberwar

Picture shows Hinkley Point A to the right of development land where the reactors of Hinkly C nuclear power station at Hinkley Point will be built.
Power stations including Hinkley Point could be targeted

Legislation developed by the European Union and implemented in the UK this year introduced fines of up to £17m for CNI organisations if their cyber security preparations were not up to standard.

Check out our sponsor before clicking proceed to vote, Thank you <3

Although the UK will keep these regulations following Brexit, the committee noted with concern that the country’s “participation in EU-wide information-sharing and capacity-building is still subject to negotiation”.

Stuart McKenzie, the EMEA vice-president at the incident response arm – Mandiant – of cyber security firm FireEye, said he agreed with the committee’s description of cyber security as a “wicked” problem.

“Much of the technology used within CNI has grown organically, but remains fragile and relies on outdated technology in terms of security,” Mr McKenzie explained.

“The threats facing CNI have constantly evolved, meaning that today’s threat is something that wasn’t imaginable when many of the systems were originally designed, leaving them increasingly vulnerable. “

:: Naming Russia offers cyber security its #MeToo moment

LONDON, ENGLAND - FEBRUARY 14: A member of staff poses for a photograph at a workspace in the National Cyber Security Centre on February 14, 2017 in London, England. The National Cyber Security Centre (NCSC) is designed to improve Britain&#39;s fight against cyber attacks and act as an operational nerve centre. (Photo by Carl Court/Getty Images)
The NCSC was founded in 2016 to improve the UK’s cyber security

The joint committee also identified a lack of identifiable political leadership to strengthen cyber security within the UK’s critical infrastructure.

It wrote: “There is little evidence to suggest a ‘controlling mind’ at the centre of government, driving change consistently across the many departments and CNI sectors involved.”

As such it called for a cyber security minister post to be created – effectively a Cabinet Office minister designated as a cyber security lead.

This minister would “in a war situation, [have] the exclusive task of assembling the resources – in both the public and private sectors – and executing the measures needed to defend against the threat”.

The government has not yet responded to the committee’s report.

Like it? Share with your friends!




Your email address will not be published. Required fields are marked *

Choose A Format
Personality quiz
Series of questions that intends to reveal something about the personality
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Voting to make decisions or determine opinions
Formatted Text with Embeds and Visuals
The Classic Internet Listicles
The Classic Internet Countdowns
Open List
Submit your own item and vote up for the best submission
Ranked List
Upvote or downvote to decide the best list item
Upload your own images to make custom memes
Youtube, Vimeo or Vine Embeds
Soundcloud or Mixcloud Embeds
Photo or GIF
GIF format