The head of the UK's National Cyber Security Centre (NCSC) has warned that the most serious cyberattacks against Britain are now carried out by hostile states including Russia, Iran and China. Speaking at the CyberUK conference in Glasgow, Richard Horne said the UK is living through 'the most seismic geopolitical shift in modern history' and urged businesses to bolster their defences.
Horne revealed that the NCSC currently handles around four 'nationally significant' cyber incidents per week. While criminal activity like ransomware remains common, the gravest threat comes from state-sponsored attacks. Security Minister Dan Jarvis noted that the NCSC dealt with over 200 such incidents last year, more than double the previous year.
Horne described China's cyber operations as displaying an 'eye-watering level of sophistication', while Iran is 'almost certainly using cyber activity to support the repression of British individuals'. Russia, he said, is deploying tactics honed in Ukraine beyond the battlefield, targeting the UK and Europe with sustained hybrid activity.
Jarvis warned that hostile states aim to 'quietly hollow us out' by hacking logistics systems and compromising businesses. He cited a cyberattack on Jaguar Land Rover that dented UK economic growth, comparing it to criminals smashing dealerships and stealing vehicles. He also highlighted that AI is enabling adversaries to find system vulnerabilities faster than humans can patch them.
In a conflict scenario, Horne cautioned that the UK would likely face cyberattacks at scale, unlike ransomware incidents where companies can pay to recover data. He stressed that every organisation must understand the full extent of the risk and improve defences before it is too late.
The warnings come amid a series of state-linked cyber incidents across Europe. Swedish authorities recently linked a pro-Russian group to an attack on a heating plant, while Poland, Denmark and Norway have reported similar attacks on critical infrastructure, including power plants and dams, attributed to Russian hackers.
