Cyber Attacks On Britain's Water Supply

An increasing number of cyber incidents have hit the UK’s critical drinking water suppliesin 2024. The exact nature of these incidents is unclear, and they may include operational failures as well as attacks. Under British cyber security laws, infrastructure companies are required to report “significant incidents” to the government within three days or face a fine of up to £17 million ($21 million). 

Across all regulated critical national infrastructure sectors, more incidents have been reported this year than ever before, with the transport and drinking water sectors the most impacted. In 2024, there were at least six incidents affecting drinking water infrastructure, according to data collected by Recorded Future, whereas  In previous years there were no more than two. 

While plenty of attention has been paid to its pipes, trunk mains and sewage overflows, less well understood is another big problem -  computer systems. Some IT systems date back to the 1980s, and have long been declared obsolete. The six incidents were reported to Defra between January 1 and October 21. 

According to the NIS Regulations - the EU's Directiveon security of network and information systems -these reports related to a cyber attack or operational failure that “directly impacts on the production and delivery of wholesome water, irrespective of whether or not customers are directly affected.” 

Gov.UK   |   Future Water Assoc.   |   Water Industry Jo.   |   Record  |   Guardian   |   Okta   

Image: photim

You Might Also Read: 

Is The British Government Doing Enough To Combat Cyberattacks Against Critical Infrastructure?:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


« Taking The You Out Of USB
Hackers Steal $10M Via LinkedIn »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CERT-FR

CERT-FR

CERT-FR is the French national government computer security incident response team.

Sintef Digital

Sintef Digital

Sintef Digital carries out research in Information and Communication Technology for industry and the public sector.

AimBrain

AimBrain

AimBrain tools detect and prevent fraud, faster and more accurately than ever before.

Wizlynx PTE LTD

Wizlynx PTE LTD

Wizlynx PTE LTD is the Singapore branch of Wizlynx Group located in Singapore, offering Information and Cyber Security Services throughout the entire Asia Pacific (APAC) region.

Lexsynergy

Lexsynergy

Lexsynergy is a global domain name management and online brand protection company.

Newtec Services

Newtec Services

IT should be responsive, adaptive, and smart. Now more than ever, you need a business that runs efficiently and can adapt to today's challenges. We can help with custom IT solutions.

ANSEC IA

ANSEC IA

ANSEC is a consultancy practice providing independent Information Assurance and IT Security focussed services to customers throughout the UK, Ireland and internationally.

Celera Networks

Celera Networks

Celera Networks is a managed services provider specializing in cybersecurity, cloud and managed IT services.

Riskonnect

Riskonnect

Riskonnect technology empowers organizations with the ability to anticipate, manage, and respond in real-time to strategic, operational, and digital risks across the extended enterprise.

Project Cypher

Project Cypher

Project Cypher leverages the latest cybersecurity developments, a world class team of hackers and constant R&D to provide you with unparalleled cybersecurity offerings.

StealthMole

StealthMole

StealthMole is a deep and dark web threat intelligence company that delivers a cloud-based, unified platform for digital investigation, risk assessment, and threat monitoring.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.

Nicos AG

Nicos AG

Nicos AG specializes in secure, global data communication.

Digital & Intelligence Service (DIS) - Singapore

Digital & Intelligence Service (DIS) - Singapore

DIS is the fourth Service of the SAF, here to defend and dominate in the digital domain, and achieve peace and security for our land.

Securitum

Securitum

Securitum is a leading penetration testing company in central and eastern Europe.

CyberTee

CyberTee

CyberTee is an Alliance designed for and by independent cybersecurity professionals to address the talent shortage.