The UK is “widely underestimating” the cyber threat posed by criminals and hostile state actors like China, Russia, Iran, and North Korea, the National Cyber Security Centre (NCSC) has said.
The warning came in the NCSC’s annual review, which showed an increase in the number of cyber incidents needing help from the agency’s Incident Management (IM) team, which coordinates responses to serious cyber attacks.
A total of 12 were “at the top end of the scale and more severe in nature,” representing a three-fold increase on the year before.
Top sectors reporting ransomware activity to the NCSC were academia, manufacturing, IT, legal, charities, and construction.
Report authors said that “the severity of the risk facing the UK is being widely underestimated, and [...] the cyber security of critical infrastructure, supply chains and the public sector must improve.”
China ‘Capable Threat Actor’
The NCSC—the UK’s technical authority for cyber security and part of the GCHQ intelligence agency—said its annual review highlights the “increasingly challenging online environment,” including both from criminal and state threats.China “continues to be a highly sophisticated and capable threat actor, targeting a wide range of sectors and institutions across the globe, including in the UK,” the review says.
The report also noted that the Chinese Communist Party (CCP) has an “increasing ambition to project its influence beyond its borders through both cyber and information operations.”
It said that CCP-affiliated actors seek to gain access to networks for collecting data, espionage, and “prepositioning on critical national infrastructure for future disruptive and destructive purposes.”
Hostile Cyber Activity
Russia and Iran are also both engaging in “hostile cyber activity, not just to degrade, damage and compromise data and systems, but to support or trigger direct physical threat activity, broader espionage, and hybrid warfare activities.”The NCSC said these two states are looking to encourage a new wave of “state-aligned hacktivism,” saying it had seen an increase in the focus on critical national infrastructure systems, “as hacktivist groups strike to compromise these systems for political effect and propaganda victories.”
North Korea is said to be undertaking cyber operations that result in monetary gain, in a bid to raise revenue while circumventing sanctions.
‘No Room for Complacency’
Launching the annual review, NCSC CEO Richard Horne said that hostile activity in British cyberspace “has increased in frequency, sophistication and intensity.”Horne said in his speech at the NCSC, “In the past year, we have seen crippling attacks against institutions that have brought home the true price tag of cyber incidents.”
The NCSC chief said that the threat landscape is “diversifying at speed,” and that it is not just traditional intelligence targets that are at risk, but “all sectors of UK society are under threat of data theft.”
Horne continued that despite some of the examples outlined in the report, “we believe the severity of the risk facing the UK is being widely underestimated.”
He added, “There is no room for complacency about the severity of state-led threats or the volume of the threat posed by cyber criminals.”
Chancellor of the Duchy of Lancaster Pat McFadden said on the launch of the NCSC’s report: “The NCSC is at the centre of the Government’s efforts to strengthen the cyber resilience of organisations and individuals.
“We must work alongside industry to meet the increasingly sophisticated challenges we face and make the UK the safest place to live and work online.”
