In his first speech on Tuesday, Richard Horne, the new head of the U.K.’s National Cyber Security Centre, expressed that the country’s cyber risks are “widely underestimated.” Since stepping into the role in October, he’s observed a surge in hostile cyber activities, primarily driven by foreign actors from Russia and China. He pointed to significant ransomware attacks on the British Library and Synnovis, which impacted the NHS, showing just how reliant we’ve become on technology for communication and healthcare.
“Actors are increasingly exploiting our technology dependence, aiming to create maximum disruption and chaos,” Horne noted.
The context of his remarks comes shortly after the NCSC’s Annual Review for 2024. Their Incident Management team dealt with 430 cyber incidents this year, a notable rise from 371 in 2023. Among these, 347 cases involved data theft, and 20 were tied to ransomware. The report identifies ransomware as a major threat for U.K. businesses, particularly in sectors like academia, manufacturing, IT, legal services, charities, and construction. The rise of generative AI has further fueled this threat, lowering the barriers for attackers and enabling amateur hackers to enhance their capabilities through better social engineering, data analysis, and coding.
Horne highlighted that 12 incidents this year fell into the “most severe” category, representing a threefold increase from the previous year.
In his assessment, he sees a troubling disconnect between the threats we face and our defenses. “The gap between our exposure and the protections we have is widening,” he stated. He emphasized the urgent need for businesses to step up their cyber resilience. Research indicates that 87% of U.K. businesses are unprepared for cyber attacks. Alarmingly, only 54% of IT professionals in the U.K. feel confident about recovering their company’s data after an attack. He urged businesses to shift their mindset, viewing cyber security not as a “necessary evil,” but as crucial for achieving their goals.
State-led threats loom large, according to Horne. This year, the NCSC, alongside international cyber authorities, alerted about Russian hacktivists targeting critical systems like smart water meters and dam monitoring. There’s clear evidence that Russian intelligence has increased cyber operations against Ukraine and allied nations, using these activities to inspire other attackers against Western infrastructure.
On the other hand, Horne describes China as a sophisticated cyber actor, aiming to extend its influence globally. Recent incidents revealed Chinese state-sponsored groups compromising critical infrastructure in the U.S. and targeting U.K. officials.
Iran is stepping up its cyber efforts as well, showing readiness to disrupt the U.K. Following patterns, North Korea maintains a threatening posture by targeting cryptocurrency and defense sectors to fund its operations, with ongoing risks from North Korean workers posing as freelancers.
With this backdrop, Horne stressed the need to bolster the defense of critical infrastructure, supply chains, and the public sector. Ian Birdsey, a cyber specialist at Clyde & Co, pointed out that the U.K. has become a prime target for hostile nations given the shifting geopolitical landscape. As these systems become more digitized and interconnected, the urgency to enhance security increases. Cyberwarfare is firmly woven into the fabric of modern global conflicts.
