CNI & Defence



Operational technology and industrial control systems of critical national infrastructure have been subject to the highest levels of cyberattack over the past 12 months, with 86% of UK CNI falling victim. Worryingly, 93% of those that experienced attacks in this period admitted that at least one was successful. It’s a trend that’s increasing all across the globe.


CNI infrastructure is becoming increasingly connected. That brings clear benefits, but also widens the attack surface and increases opportunities for cyber criminals. This is extremely worrying when taking into consideration other issues such as smaller budgets, lack of skills and awareness of cyber security, legacy infrastructure, and increasingly complex supply chains.

It’s not a case of if, but when. The loss or compromise of critical elements of infrastructure would cause serious disruption to our lives and economies.

Attacks could be acts of espionage, hacktivism or targeted strikes from state sponsored cybercriminals, intent on destabilising countries and trading blocs. These cyber threats vary in their scale and impact but could all start with something as small and seemingly harmless as a USB device. A USB infected with malware could provide a cyber criminal with access to user accounts, confidential data, control over operational systems, and the power to disrupt services and defences that we all rely on.


The worst cyber-attack in DoD history came from a USB drive that was found in a car park. An employee plugged it into a DoD computer network, a virus called ‘agent.btz’ quickly spread throughout the U.S. military’s classified and unclassified networks. No one knows if any data was stolen or who created it – just that it took 14 months to eliminate.

The WannaCry attack on the NHS in 2017 is perhaps the best example of the damage that ransomware can inflict on CNI. It caused the cancellation of 19,000 appointments and cost the NHS £92 million.


Both the private and public sectors need to develop a new approach to protect their services from cyber threats and strengthen the cyber resilience of their most critical systems. The KUB is an essential part of any cyber security strategy, in order to protect against USB devices and the human factor – whether it’s an innocent mistake or a malicious plan. The KUB helps to ensure GDPR compliance, educates users in cyber security and regulatory compliance, and reduces the risks of BYOD and an increasingly remote workforce.