Following a recent attack on Polish power that has been attributed to Moscow, a senior manager from the UK’s cyber intelligence agency has urged CNI operators to fortify their defences

One of the UK’s top cybersecurity officials has warned organisations running the UK’s critical national infrastructure that they must “act now” to bolster their resilience to attacks.

Jonathon Ellison, director for national resilience at the National Cyber Security Centre said that “cyberattacks disrupting everyday essential services may sound far-fetched, but we know it’s not”. In a recent LinkedIn post, the NCSC exec pointed to an assault launched on the energy infrastructure of Poland – which the country’s prime minister Donald Tusk has said were likely “prepared by groups directly linked to the Russian services”.

“Our Polish partners recently publicly shared how some of the country’s critical infrastructure was targeted just after Christmas by coordinated attacks, including against a heat and power plant and several renewable energy generators,” Ellison wrote. “They likened the attempted disruption to arson. Incidents like this speak to the severity of the cyberthreat and highlight the necessity of strong cyber defences and resilience. Operators of UK critical national infrastructure (CNI) must not only take note but, as we have said before, act now.”

The resilience leader encouraged infrastructure providers – and those that regulate their services – to refer to the NCSC’s broad Cyber Assessment Framework, as well as to dedicated guidance for the CNI sector which offers advice on “how to prepare for and plan your organisation’s response to severe cyberthreat, [and] which sets out defensive actions that may be proportionate if the cyberthreat to the UK were to increase”.

Related content

• NCSC sees doubling of ‘nationally significant incidents’ this year
• NCSC head warns of fundamental ‘contest for cyberspace’ as annual report shows 44% hike in most serious incidents
• New GDS-led cyber ops will be ‘more interventionist’

“Setting clear security requirements enforced by effective regulators and supported by the NCSC’s guidance, tools and services are essential to ensure that government has greater assurance that CNI operators are implementing baseline cyber security controls,” Ellison added. “We know the threat is not a static component of our risk calculations, however, and it should be monitored by operators to enable them to take informed and well-planned steps to protect their infrastructure.”

Such steps “require careful preparation and forethought [and] cannot be improvised under pressure”, according to the NCSC leader.

“Although attacks can still happen, strong resilience and recovery plans reduce both the chances of an attack succeeding and the impact if one does,” he said.

In a press release issued last month, the Polish government asserted that the power plant attacks – which took place on 29 and 30 December – had resulted in “no blackout or other negative consequences”.

Prime minister Tusk added: “The systems we have in Poland today proved effective. At no point was critical infrastructure… meaning the transmission networks and everything that determines the safety of the entire system… threatened.”