The National Cyber Security Centre (NCSC) – part of the UK government’s intelligence and security organisation, GCHQ – has warned critical national infrastructure (CNI) organisations to be vigilant to an increased cyber threat “from state-aligned groups” in an alert published today.
The alert emphasised that these groups are not subject to state control and their motivations are not financial, meaning they are unpredictable and will likely have broader targets than typical cyber criminals.
The NCSC has highlighted that some groups, particularly those sympathetic to Russia’s invasion of Ukraine, have stated they intend to cause disruption and destruction on western CNI, including that within the UK.
As such, the NCSC is advising organisations within CNI sectors to be proactive in taking proportionate steps to ensure they are protected – recommending that they implement measures previously recommended prior to the Russian invasion of Ukraine in February 2022.
In addition, the NCSC has advised CNI organisations and their partners to be mindful of the guidance relating to secure system administration.
Organisations in the sectors listed below, or who are business and/or supply chain partners for these industries, should be aware of the heightened risk of cyber-attack by state-aligned groups.
- Chemicals
- Civil Nuclear
- Communications
- Defence
- Emergency Services
- Energy
- Finance
- Food
- Government
- Health
- Space
- Transport
- Water
The NSCS’s Cyber Assessment Framework is recommended as a useful tool for such organisations and their partners to assess their current security measures and find areas for improvement.
If you would like any advice around your cyber requirements, please get in touch.
Written by
Jake Wilson
Solicitor
Financial Services Regulatory
Related News, Insights & Events
Risk horizon scan: 2025
January is the optimal time for businesses to review risk registers against management plans and goals for the next 12 months.
Cyber security – looking back on 2024 and what businesses can expect in 2025
2024 was another year in which UK businesses battled to combat cyber security threats, which continue to impact organisations of all sizes across all sectors.
Scotland’s first Visitor Levy – How did we get here?
In the coming weeks, the City of Edinburgh Council (“CEC”) is set to introduce Scotland’s first Visitor Levy.