The cybersecurity preparedness of utility companies has come under scrutiny again after a British water provider was successfully hacked. According to a recent announcement by South Staffordshire Water, a ransomware group successfully broke into its corporate systems, causing some operational disruption.
Is everything as it seems?
Despite confirmation from South Staffordshire Water, there seems to be some confusion about what actually happened. Hacking and ransomware group C1OP claimed responsibility for the attack – but also said that they had actually compromised rival utility provider Thames Water.
Thames Water, the UK's largest provider serving 15 million people, was quick to issue its own statement. A series of updates was tweeted from the official company account to confirm that the company had not been hacked, and that it continues to take cybersecurity extremely seriously.
Not to be outdone, C1OP then claimed that they had not only hacked Thames Water’s network, but had spent several months accessing their corporate IT systems. To prove their point, the hackers also leaked some of the data they had stolen.
But there was a problem – the ‘evidence’ had clearly been stolen from South Staffordshire Water.
Funny not funny
Whether C1OP attacked the wrong utility provider or made a mistake afterwards is unclear – and the confusion does make them look amateurish. However, the fact that a vital utilities provider was successfully compromised is of significant concern. Despite expert concerns about the security of utilities, it is clear that some businesses are still failing to properly safeguard their services – which could have serious implications for the British population.
On a more positive note, South Staffordshire Water has been clear that the breach only ever affected corporate systems. This means that there was never any danger of water supplies being cut off or contaminated – the IT systems that oversee those functions were unaffected.
A serious potential problem
Hacking corporate IT systems usually results in financial loss. But if a vital public utility like the water supply is cut off, there could be a serious threat to life.
In the face of ongoing geopolitical instability, the threat to utilities providers like water and electricity has never been greater. In addition to general troublemakers and criminal groups like C1OP, there are nationally-funded cyberwarfare units tasked with launching offensive actions when required. In the event of a war, it is highly likely that these units would be ordered to attack utilities and infrastructure to cause disruption.
Although the South Staffordshire Water incident has been relatively non-disruptive, the fact that hackers have been able to break into an essential utility is concerning. If nothing else, this latest incident suggests that providers will need to improve their defenses because the outcomes may not be so harmless – or unintentionally funny – next time.