Report: Attacks increase as critical infrastructure comes under attack

KnowBe4, a leading provider of security awareness and simulated phishing training, recently released its latest report, Cyber attacks on infrastructure: the new geopolitical weapon. The report examines the growing threat of cyberattacks on critical infrastructure and provides insights into how to protect yourself against these potentially devastating attacks.

Cyberattacks on critical infrastructure have increased worldwide in recent years, posing significant risks to national security and economic stability. Unlike other data breaches, these attacks primarily seek to gain access to control systems for the purpose of disruption or espionage. The energy, transportation, and telecommunications sectors have become primary targets.

This is not surprising, as these sectors, particularly in developed countries, have become increasingly connected to digital technologies, which in turn have opened up new vulnerabilities to cyberattacks. The consequences of such attacks are potentially devastating, which is why geopolitical adversaries have made it a powerful addition to their arsenal of digital weapons.

The key findings from the report are:

The number of vulnerable points in the U.S. power grid is growing by about 60 per day, with the total number rising from 21,000 in 2022 to 23,000 to 24,000 today.
Globally, the average number of weekly cyberattacks on utilities has quadrupled since 2020, doubling in 2023 alone.
Between January 2023 and January 2024, critical infrastructure was attacked more than 420 million times worldwide, which equates to 13 attacks every second. This is a 30 percent increase compared to 2022.

According to KnowBe4’s Phishing by Industry Benchmarking Report 2024Critical infrastructure sectors such as healthcare and pharmaceuticals, education, and energy and utilities fall into the high-risk categories when it comes to employees falling victim to phishing tactics. This vulnerability is exploited by cybercriminals to infiltrate networks and systems.

“The findings in our report are a wake-up call for critical infrastructure sectors,” said Stu Sjouwerman, CEO at KnowBe4. “While the rise in cyberattacks against them is deeply concerning, it’s important to remember that we are not powerless in this fight. By fostering a strong security culture that combines technology, processes and people, we can significantly mitigate these risks. Every organization, regardless of size or industry, has a role to play in protecting our collective infrastructure. It’s time we view cybersecurity not just as an IT issue, but as a fundamental aspect of our operational resilience and national security.”

The report highlights recent high-profile attacks on global critical infrastructure and their far-reaching consequences, and provides practical recommendations for organizations and institutions to enhance their cyber resilience.

To download a copy of KnowBe4’s report, Cyber attacks on infrastructure: the new geopolitical weaponclick here.