Your browser is no longer supported

For the best possible experience using our website we recommend you upgrade to a newer version or another browser.

Your browser appears to have cookies disabled. For the best experience of this website, please enable cookies in your browser

We'll assume we have your consent to use cookies, for example so you won't need to log in each time you visit our site.
Learn more

Critical infrastructure supply chain 'target of cyberattack campaign'


Hostile states are attacking the UK’s national infrastructure supply chain in an ongoing cyber campaign, the National Cyber Security Centre (NCSC), part of GCHQ, has said.

The campaign, which is focused on engineering and industrial control companies has been ongoing since March last year, an advisory report has revealed. 

NCSC’s report did not name the hostile states involved but referenced a US Department of Homeland Security technical alert, which was published on 15 March, that identified the Russian government as the source of similar attacks in the America.

Last month National Grid was told to increase its security measures in the face of an increased threat of a Russian cyber-attack, The Times reported. The latest warning comes amid deteriorating international relations following a nerve agent attack on a former Russian spy in Salisbury.

The advisory note said: “The NCSC is aware of an ongoing attack campaign against multiple companies involved in the Critical National Infrastructure (CNI) supply chain. These attacks have been ongoing since at least March 2017. The targeting is focused on engineering and industrial control companies.”

The government defines CNI as infrastructure that, if lost or compromised, “would result in major detrimental impact on the availability, delivery or integrity of essential services, leading to severe economic or social consequences or to loss of life.”

The increased connectivity of the UK’s critical infrastructure could leave it vulnerable to a cyber attack, experts have warned. “The new digital reality is a highly connected world, and with that comes multiple threats of attacks,” Atkins technical director Ian Buffey told New Civil Engineer in January. “As increasing interconnectivity leads to more complex systems, ensuring the safety and security of assets or services becomes more challenging.”

The World Economic Forum’s Global Risk Report published in January identified cybersecurity as one of the biggest threats the world will face this year. 


Have your say

You must sign in to make a comment

Please remember that the submission of any material is governed by our Terms and Conditions and by submitting material you confirm your agreement to these Terms and Conditions. Please note comments made online may also be published in the print edition of New Civil Engineer. Links may be included in your comments but HTML is not permitted.