The UK’s energy sector was the target of 24% of all cybersecurity incidents in the country last year, new research from IBM Security has found.
This makes the energy sector the most targeted industry, followed by the manufacturing and financial services sectors, which each received 19% of all attacks.
In 2021, the UK became one of the top three most attacked countries in Europe, IBM Security’s 2022 X-Force Threat Intelligence Index found, along with Germany and Italy.
The report highlighted how the cost of cyberattacks trickles down to consumers, at a time of increased pressure on the energy industry and rising energy costs for consumers as a result of Ofgem increasing the price cap.
There is therefore an urgent need for robust cyber resiliency in the energy industry alongside the other critical industries most commonly targeted, the report said, detailing several recommendations organisations can follow to better secure their networks from cyber threats.
These include implementing multifactor authentication on every remote access point into a network, adopting a layered approach to combat phishing, refining and maturing vulnerability management systems and developing a response plan for ransomware.
Laurance Dine, global partner, X-Force Incident Response, IBM, said: “Businesses must start operating under the assumption of compromise, putting the proper controls in place to defend their environment and protect critical data.”
Ransomware has accounted for more than one in five cyberattacks worldwide, and 15% of cyberattacks in the UK, with the REvil ransomware group responsible for 37% of all ransomware attacks X-Force observed in 2021.
The REvil group was also responsible for a ransomware attack on Elexon in 2020, with attackers managing to access the company’s internal IT systems on 14 May. Documents obtained during this attack were then reportedly posted online a month later.
The report found that data theft was the most common attack type in the UK in 2021, making up 31% of all incidents, while phishing was the top infection method used against UK businesses in 2021, leading to 63% of incidents.
Other notable cyberattacks in the energy industry in recent years include European energy giant Energias de Portugal (EDP) being hit by a ransomware attack in April 2020, energy supplier People’s Energy – which recently shuttered – being the target of a cyberattack in December 2020 and energy supplier npower’s app being hacked in February 2021.
In response to the report’s findings, Simon Hepburn, CEO of the UK Cyber Security Council, said that investment in training and professional development opportunities to expand the cybersecurity workforce is “imperative”, with the research highlighting “the constantly evolving nature of the global cyber threat”.
The UK has been stepping up efforts to meet the security challenge, with the government publishing the National Cyber Strategy and Government Cyber Security Strategy 2022-2030. It has also proposed amendments to the Network and Information Regulations to improve the cyber resilience of UK businesses.
Additionally, the government’s latest Annual Cyber Sector Report underscored the level of investment in the cybersecurity sector last year, with the industry reporting revenues of over £10 billion.
Last year also saw DNV publish new guidelines for power transmission and distribution operators and equipment manufacturers on cybersecurity, with these detailing 45 risk-reducing measures to improve the cybersecurity of protection devices and digital technologies in power system substations.