Introduction
The increasing frequency and sophistication of cyber-attacks on critical infrastructure, particularly in the water and electricity sectors in the US and UK, highlight significant vulnerabilities and the urgent need for enhanced cybersecurity measures.
Description
Over three-fifths of water and electricity firms in the US and UK (62%) reported being targeted by cyber-attacks in the past year. Alarmingly, 80% of those attacked experienced multiple incidents [9], leading to serious disruptions for 59% and permanent corruption or destruction of data or systems for 54%. A study by Semperis, based on a survey of IT and security professionals at 350 water treatment plants and electricity operators [4] [9], revealed that a majority of attacks (82%) specifically targeted “Tier 0” identity systems, including Active Directory [1] [2] [5] [6] [7] [8], Entra ID [1] [2] [4] [6] [7], and Okta [1] [2] [4] [6] [7], which are critical for user authentication and access control [5]. High-profile incidents, such as a prolonged access breach linked to the Chinese state-sponsored group Volt Typhoon at a public utility in Littleton, MA [2] [7], and a ransomware attack by the Russian Black Basta group on Southern Water in the UK [4], underscore the vulnerabilities of critical infrastructure, including the theft of personal data.
The UK’s National Cyber Security Centre has identified state-aligned actors as significant cyber adversaries [5], particularly targeting essential infrastructure like water treatment facilities and electricity grids [5]. Chris Inglis [1] [3] [4] [9], a strategic advisor at Semperis and former US national cybersecurity director [1] [4] [9], emphasized the critical nature of these systems and the urgent need for enhanced security measures [4]. Simon Hodgkinson [6], a former CISO and strategic advisor at Semperis [6], noted that utilities are prime targets for nation-states [6], which view infrastructure attacks as opportunities for international leverage [6]. He stressed the importance of securing the systems that support power grids and clean drinking water [3] [9], and urged stronger defenses and the elimination of criminal elements [3].
Despite the high risk [5], many organizations lack the necessary tools to detect breaches in identity systems [5], with only about one-third of respondents recognizing identity system compromise as a top cybersecurity concern [5]. To enhance resilience against cyber threats [1] [2] [7], utilities are advised to adopt a comprehensive approach that includes identifying essential infrastructure components, prioritizing incident response for critical systems [2] [6] [7], documenting and practicing recovery processes [2] [6] [7], and ensuring secure recovery to prevent attackers from maintaining persistence through compromised backups [7]. The report emphasizes the need for a proactive approach to cybersecurity [6], especially in light of increasing cybercrime associated with trade sanctions and evolving threats [6]. Ciaran Martin [5], a cybersecurity expert [5], stressed the importance of being prepared to act swiftly when cyber threats occur [5], while Mickey Bresman [1] [5], CEO of Semperis [1], highlighted that organizations should assume adversaries may already be within their networks and have a tested recovery plan ready for deployment [5]. Immediate action is urged to strengthen defenses against these escalating cyber threats, as a prolonged outage could have severe repercussions for economies and societies [5]. Leadership commitment to improving operational resilience is essential for securing critical infrastructure [5].
Conclusion
The persistent threat of cyber-attacks on critical infrastructure necessitates immediate and robust action to mitigate potential impacts. Organizations must prioritize the security of identity systems and adopt comprehensive cybersecurity strategies to enhance resilience. As cyber threats continue to evolve, proactive measures and leadership commitment are crucial to safeguarding essential services and ensuring the stability of economies and societies.
References
[1] https://betanews.com/2025/04/03/cyberattacks-on-utilities-pose-risk-to-public-safety/
[2] https://www.semperis.com/press-release/cyberattacks-water-electric-utilities-threaten-public-safety-economic-stability/
[3] https://insight.scmagazineuk.com/water-and-electricity-companies-suffer-severe-damage-from-cyber-attacks
[4] https://ciso2ciso.com/over-half-of-attacks-on-electricity-and-water-firms-are-destructive-source-www-infosecurity-magazine-com/
[5] https://smartwatermagazine.com/news/smart-water-magazine/cyber-threats-water-and-power-grids-escalate-new-report-warns
[6] https://www.thinkdigitalpartners.com/news/2025/04/03/cyberattacks-on-water-and-electric-utilities-under-attack/
[7] https://www.prnewswire.com/news-releases/new-semperis-study-reveals-that-cyberattacks-on-water-and-electric-utilities-threaten-public-safety-and-economic-stability-302419191.html
[8] https://newsbywire.com/new-semperis-study-reveals-that-cyberattacks-on-water-and-electric-utilities-pose-a-risk-to-public-safety-and-economic-stability/
[9] https://www.infosecurity-magazine.com/news/half-attacks-electricity-water/




