KnowBe4 report reveals surge in cyberattacks on infrastructure

KnowBe4 has released a new report titled "Cyber Attacks on Infrastructure: The New Geopolitical Weapon," which delves into the escalating threat of cyberattacks on critical infrastructure and offers insights into protective measures. The report highlights the increasing vulnerability of vital sectors such as energy, transportation, and telecommunications, which have become key targets for cybercriminals and state-sponsored groups seeking to disrupt or spy on national infrastructure.

According to the report, the number of vulnerable points in U.S. power grids is growing by approximately 60 each day, with the total count rising from 21,000 in 2022 to between 23,000 and 24,000 today. Globally, the average number of weekly cyberattacks against utilities has quadrupled since 2020, with a significant spike occurring in 2023. From January 2023 to January 2024, critical infrastructure worldwide endured over 420 million attacks, equating to 13 attacks per second, marking a 30% increase from 2022.

The 2024 Phishing by Industry Benchmarking Report, also released by KnowBe4, identifies critical infrastructure sectors such as healthcare, pharmaceuticals, education, and energy and utilities as highly susceptible to phishing attacks. These sectors are often exploited by cybercriminals to infiltrate networks and systems, posing substantial risks to national security and economic stability.

"The findings in our report are a wake-up call for critical infrastructure sectors,” stated Stu Sjouwerman, CEO at KnowBe4. “While the surge in cyberattacks on them is deeply concerning, it's important to remember that we're not powerless in this fight. By fostering a strong security culture that combines technology, processes, and people, we can significantly mitigate these risks. Every organization, regardless of size or sector, has a role to play in safeguarding our collective infrastructure. It's time we view cybersecurity not as just an IT issue, but as a fundamental aspect of our operational resilience and national security."

The report also sheds light on recent high-profile cyberattacks targeting global critical infrastructure and underscores their extensive impacts. It provides actionable recommendations for organisations and institutions to bolster their cybersecurity resilience. The emphasis is on cultivating a robust security culture through comprehensive awareness training, technological safeguards, and stringent procedural protocols.

KnowBe4 aims to raise awareness about the increasing frequency and sophistication of cyberattacks on critical sectors. The interconnectedness of digital technologies in developed countries has opened new vulnerabilities, making these sectors more susceptible to potential breaches. Consequently, geopolitical adversaries have incorporated cyber weapons into their arsenals, heightening the urgency for enhanced cybersecurity measures.

The report underscores the necessity for organisations to stay vigilant and proactive in their cybersecurity efforts. By mobilising end users as the last line of defence and leveraging awareness training, organisations can fortify their security cultures and diminish human risk. The stakes are high, and the need for effective countermeasures has never been more paramount.