Ransomware threatens UK infrastructure

62% of cyber leaders in UK critical national infrastructure (CNI) organisations do not have a decision-making plan in place on whether to pay the ransom, despite rising ransomware attacks on CNI, according to new research by UK cyber security services firm Bridewell.

The research, which surveyed 521 cyber security decision makers in the communications, utilities, finance, government and transport and aviation sectors, reveals nearly eight-in-ten (79%) of cyber leaders in UK CNI organisations believe ransomware will significantly disrupt their operations in the next 12 months. Yet less than half have implemented critical measures to help prevent, detect, respond, and recover from ransomware.

According to the research, only 36% have a security information and event management (SIEM) platform that can help to detect a ransomware attack before the attacker completes their objective. Likewise, only 43% say they have implemented technical controls to prevent unauthorised access and stop key directories and files being deleted, overwritten or encrypted.

Gavin Knapp, Cyber Defence Technical Lead at Bridewell says: “All critical infrastructure organisations must be prepared to suffer a ransomware attack and have tailored response plans in place to deal with actors targeting both IT and OT operations. This should encompass third parties and remote access into the OT environment.

“Failure to prepare can result in the loss of IP, interruption to operations, and significant financial and reputational damage. It also often leaves organisations with no choice but to pay the ransom, which aside from being illegal in some countries, only further fuels the crisis.”

Threat groups and actors continue to see significant financial opportunities in the initial access broker and ransomware space, with modern day malware and intrusion frameworks increasingly adopting automated approaches to streamline and improve how they perform attacks. Bridewell is also seeing a significant reduction in the time between vulnerability disclosure and the weaponisation of ransomware, as well as a rise of ransomcloud attacks targeting weaknesses or legitimate functionality in cloud resources.

Yet the research found that only 46% are using cloud storage services with in-built ransomware protection, while just 42% have deployed a cloud access security broker. Concerningly, 84% say they have suffered at least one ransomware attack in the past 12 months, and 4 in 10 have suffered more than 5 attacks – an average of one every other month.

For more news updates, check out our May issue here.

Media contact 

Rebecca Morpeth Spayne, 

Editor, Security Portfolio 

Tel: +44 (0) 1622 823 922

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Frank Mueller headshot

How LiDAR protects railways

Frank Mueller, Hexagon, presents a thought leadership perspective of the use of LiDAR in railway infrastructure.
Image provided by Customs support group

Hello Post-Brexit Security Protocols

Jo Cloherty, Senior Commercial Manager at Customs Support Group, explores the 2025 Safety and Security Protocols that have…
Two young intercultural programmers trying to solve problem with access to data while interacting in front of computers

DDoS attacks targeting critical infrastructure

NETSCOUT released its 2H2024 DDoS Threat Intelligence Report, revealing how Distributed Denial of Service (DDoS)…
Copyright: Security Buyer

ASIS UK Launches “Security is You(th)” Hackathon

ASIS International UK has launched Security is You(th), an initiative designed to engage students and early-career professionals…
Image Provided by IPSA

IPSA Appoint Frontline Hero as Ambassador

Abdullah, the courageous security officer praised for foiling a horrific knife attack at Leicester Square, has been appointed as…
Image provided by Veeam

AI and Ransomware: Cutting Through the Hype

Rick Vanover, Vice President Product Strategy, Veeam discusses how It might be the great paradox: Artificial Intelligence (AI)….
Rasheed Alzahrani

Big Interview – Rasheed Alzahrani

Rasheed Alzahrani, Director of Safety and Security at King Salman Park Foundation, shares insights into innovative safety and security… 
Copyright: Security Buyer

AmiViz Partners with Titania

AmiViz announced a strategic distribution agreement with Titania. This collaboration underscores a shared commitment to enhancing…
Copyright: Security Buyer

Perimeter Protection: Balancing Physical and Technology

Joseph Clarke, Assistant Editor advocates for a hybrid approach to balancing physical and technological barriers in perimeter security…
FLIR

Product Spotlight – FLIR

How DP World Yarimca relies on FLIR Security Solutions for efficient and secure port security operations …
Scroll to Top