A new report has found a distinct relationship between climate change and cyber attacks. According to a new research published by Bridewell, 84% of US-based critical infrastructure is now at an unprecedented risk of being targeted by cyber attackers due to the effects of climate change. The report points out the impact of new sustainable technologies on the threat management and risk preparedness of organizations in 2023.
Ambitious ESG Goals are Exposing Organizations to New Kinds of Cyber Threats
Things are really complex when environmental challenges begin to impact an organization’s ability to secure its resources against cyber threats. Bridewell found that over eight-in-10 organizations across US critical infrastructure say that environmental challenges are hindering their efforts to safeguard critical systems and data. In their survey of cybersecurity decision makers in the transport and aviation, finance, utilities, government, and communications sectors, Bridewell revealed how the twin threats of climate change and cybersecurity are becoming intertwined and leaving organizations increasingly vulnerable.
Recommended News and Insights for CIOs / CISOs:
10 Things You Should Know About the Modern Data Infrastructure Dynamics in 2023
Over nine-in-10 (91%) security leaders now agree that newly implemented sustainable technologies and tools will become a major new pathway for cyber-attacks within critical infrastructure in the next five years, raising concerns about a fresh wave of attacks impacting daily life and the economy.
The Lack of Skilled Resources and Leadership Initiative Hampering Security
Amidst rising pressure to meet ambitious sustainability targets, organizations are already struggling to secure the new tools being introduced. For 47% of critical infrastructure operators, the challenges of managing and protecting rapidly deployed ‘green’ technologies are compromising their organization’s cybersecurity, while 43% lack the skilled resource to safely integrate these tools into their existing systems. Almost half (49%) of organizations surveyed also lack C-suite understanding of the cyber threats emerging from sustainable technologies, revealing significant blind spots at the highest levels of national security decision-making.
Climate Change is Causing an Increase in Cyber Threats
With recent extreme weather events, including Hurricane Ian, showcasing US infrastructure’s natural vulnerability to the effects of climate change, Bridewell’s findings reflect mounting concerns about climate-fueled cyber threats and their cascading impacts on interdependent critical sectors. A quarter (25%) of organizations are already seeing climate events damaging their critical infrastructure and compromising critical networks, while 22% report that economic stress caused by climate change is causing an increase in cybercrime.
Martin Riley, Director of Managed Security Services at Bridewell, commented: “Emerging sustainable technologies and carbon capture systems, being deployed by startups, pose significant cybersecurity risks for critical infrastructure as they fall outside of scope and size for regulation. This directly undermines the security of our most critical infrastructure, exposing organizations to even greater cyber threats. Organizations should be adopting a security-by-design approach with all newly implemented sustainable tools, consulting with experts to ensure that regulatory standards are being met. By incorporating robust security measures from the outset and integrating them into existing systems, organizations can effectively address these vulnerabilities and mitigate the growing cyber threats being faced.”
Heightened activism around the climate crisis and other politically charged factors, such as rising energy costs, are also creating new attack routes for nation-state actors and other criminals to exploit. Following a recent surge in ideologically motivated cyber-attacks against the financial services industry, almost a third (28%) of finance organizations have seen a rise in ‘hacktivism’ due to climate change, creating further opportunities for critical systems to be targeted.
Top Insights: Consumers See Digital Companies as Big Risks to their Privacy
