Image: © Dan Talson/Stock.adobe.com
Data shows a nearly 16pc rise in cybersecurity incidents across the UK.
The head of the UK’s cybersecurity watchdog has warned that the cybersecurity risk facing the country is “widely underestimated”.
Speaking at the launch of the National Cyber Security Centre’s (NCSC) annual review, the organisation’s CEO Dr Richard Horne highlighted the widening gap between the threats the country faces, and the defences it has in place to mitigate them.
According to the review, officials handled 430 cyber incidents this year, a nearly 16pc rise since 2023 – of which 347 incidents were related to data exfiltration and 20 involved ransomware.
Horne, who took over the department this October, said that “hostile activity in UK cyberspace has increased in frequency, sophistication and intensity”, adding that “[threat] actors are increasingly using our technology dependence against us, seeking to cause maximum disruption and destruction”.
The review stated that the academic sector was the largest hit with ransomware this year, followed by the manufacturing and IT sectors.
Officials issued 542 fresh notifications this year informing organisations of a cyber incident, more than doubling the 258 notifications sent out last year.
However, almost half of the fresh notifications sent this year were related to pre-ransomware activity, which, according to the cybersecurity watchdog, enabled organisations to detect and remove precursor malware before ransomware was deployed.
The review also stated that artificial intelligence (AI) is being increasingly used to boost the volume and impact of the attacks – highlighting how the new technology can be used for social engineering and to analyse exfiltrated data.
The review pointed out that the increasing threat and fast turnaround time for security managers is challenging and AI is expected to further shrink the time.
“Cyberattacks are increasingly important to Russian actors,” Horne said, while adding that, “China remains a highly sophisticated cyber actor”.
The UK has faced a number of high-level cyberattacks on its public services recently. Earlier this year, the public Wi-Fi at 19 stations across the UK was subjected to a cybersecurity incident, following just weeks after Transport for London, the organisation responsible for most of the city’s transport, reported an ongoing incident.
While last year, a cyberattack targeted two ambulance services in the UK’s NHS, rendering them unable to access electronic patient records for more than a week.
However, recently, the UK, with a renewed focus on developing data centre infrastructure, classified data centres – which host a vast array of information – as critical national infrastructure, providing them greater support during outages, cyberattacks and other adverse events.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
