Freely subscribe to our NEWSLETTER

“There is a growing prevalence of cyber attacks on UK’s critical infrastructure. A few weeks ago, there was a ransomware attack on South Staffordshire Water as a criminal group broke into the company’s network and demanded payment, and now it’s transportation company Go-Ahead’s turn, affecting its bus services in major UK cities.

“These sectors underpinning national infrastructure such as transport are characterised by distributed architecture – in terms of having multiple sites and multiple interface points with suppliers. This makes targeting them very attractive for hackers, as there are often numerous weak points and it’s easy for them to exploit vulnerabilities.

“This kind of attack not only affects the business in question, more importantly it impacts public services and calls public safety into question. It’s of the utmost importance that critical infrastructure is protected, and that when a breach does occur, it is contained, and the consequences effectively mitigated.

“Go Ahead has several lines of operations – running bus and rail networks across the UK as well as in other countries such as in Scandinavia. The company has announced that rail networks were not affected, pointing to the probable presence of proper detection and protection mechanisms being in place. However, we still recommend organisations – particularly of Go Ahead’s size – perform network segmentation and protection between business lines in order to protect against the possibility of breaches. Due to the fact Go Ahead is a multinational company, it’s also advisable to segment IT architecture in its various geographical locations to ensure the containment of a possible cyber incident.”