In the 2003 edition of the National Risk Register report, the UK government warns that a serious cyber-attack on UK critical infrastructure has a 5–25% chance of happening over the coming two years.
The report is based on the government’s internal, classified National Security Risk Assessment, and considers malicious risks such as terrorism and cyber-attacks alongside non-malicious risks like severe weather incidents. It lists several cyber-related risks, including attacks on:
- Gas infrastructure
- Electricity infrastructure
- Civil nuclear facilities
- Fuel supply infrastructure
- Government
- Health and social care systems
- Transport sector
- Telecommunications systems
The assessment ranks the likelihood of these attacks happening in the next two years as a “4” on a scale of 1–5. The predicted attacks involve “encrypting, stealing or destroying data upon which critical systems rely on or disruption to operational systems” resulting in economic cost measuring in the billions of pounds, possible fatalities of up to 1000 people and casualties of up to 2000.
The report also mentions AI as a “chronic risk” that poses “continuous challenges that erode our economy, community, way of life, and/or national security.”
George McGregor, VP, Approov had this to say:
“This report presents quite a wide-ranging litany of threats and their consequences but unfortunately the “response capability requirements” for each one are very generic and do not make clear which players must take action. Linking this document to more specific mitigation and response guidelines for each area (eg cybersecurity) would make it more actionable.”
We’re past the point where cyberattacks are a mere inconvenience to businesses and the general public. They’re now in a place where they could kill people. If that isn’t an incentive for organizations of all sizes in all sectors to get their houses in order from a cybersecurity perspective, I don’t know what will make them do the right thing.
Like this:
Like Loading...
Related
This entry was posted on August 5, 2023 at 9:04 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
The UK Gov Fears That Cyberattacks On Infrastructure Could Kill Thousands
In the 2003 edition of the National Risk Register report, the UK government warns that a serious cyber-attack on UK critical infrastructure has a 5–25% chance of happening over the coming two years.
The report is based on the government’s internal, classified National Security Risk Assessment, and considers malicious risks such as terrorism and cyber-attacks alongside non-malicious risks like severe weather incidents. It lists several cyber-related risks, including attacks on:
The assessment ranks the likelihood of these attacks happening in the next two years as a “4” on a scale of 1–5. The predicted attacks involve “encrypting, stealing or destroying data upon which critical systems rely on or disruption to operational systems” resulting in economic cost measuring in the billions of pounds, possible fatalities of up to 1000 people and casualties of up to 2000.
The report also mentions AI as a “chronic risk” that poses “continuous challenges that erode our economy, community, way of life, and/or national security.”
George McGregor, VP, Approov had this to say:
“This report presents quite a wide-ranging litany of threats and their consequences but unfortunately the “response capability requirements” for each one are very generic and do not make clear which players must take action. Linking this document to more specific mitigation and response guidelines for each area (eg cybersecurity) would make it more actionable.”
We’re past the point where cyberattacks are a mere inconvenience to businesses and the general public. They’re now in a place where they could kill people. If that isn’t an incentive for organizations of all sizes in all sectors to get their houses in order from a cybersecurity perspective, I don’t know what will make them do the right thing.
Share this:
Like this:
Related
This entry was posted on August 5, 2023 at 9:04 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.