Brian Sims
Editor

Cyber risk facing UK “widely underestimated” warns head of NCSC

Posted to News on Tuesday, December 3, 2024 Share:

THE NATION’S new cyber security chief has used his first major speech to issue a rallying call for collective action against what is now “an increasingly complex array” of threats. Speaking at the National Cyber Security Centre’s (NCSC) London headquarters for the launch of its Annual Review, NCSC head Richard Horne describes the cyber risks facing the nation as “widely underestimated”, warning that Britain and its allies are competing in a high-stakes contest for cyber space.

Horne explained: “What has struck me more forcefully than anything else since taking the helm at the NCSC is the clearly widening gap between the exposure and threat we face and the defences that are in place to protect us. What is equally clear to me is that we all need to increase the pace we are working at in order to remain ahead of our adversaries.”

Further, Horne noted: “As the National Technical Authority, the NCSC has been publishing advice, guidance and frameworks since its inception in a bid to drive up the cyber security of the UK. The reality is that advice, that guidance and those frameworks need to be put into practice much more across the board.”

Elaborating on that last point, Horne observed: “We need all organisations, public and private, to see cyber security as both an essential foundation for their operations and a driver for growth. To view cyber security not just as a ‘necessary evil’ or compliance function, but rather as a business investment, a catalyst for innovation and an integral part of achieving their purpose.”

Changing threat landscape

Turning to the changing threat landscape, Horne highlighted the combination of the UK’s growing dependency on technology and adversaries who are conspiring to use it against us.

“Hostile activity in UK cyber space has increased in frequency, sophistication and intensity. We see this in the intelligence we can access through being part of GCHQ. Actors are increasingly using our technology dependence against us, in turn seeking to cause maximum disruption and destruction.”

Horne commented: “Last week, the Chancellor of the Duchy of Lancaster warned about the aggression and recklessness of cyber activity we see coming from Russia. Along with our partners, including the National Protective Security Authority, we can see how cyber attacks are increasingly important to Russian actors, along with sabotage threats to physical security, which the director general of MI5 spoke about only recently.”

Further, Horne said: “All the while, China remains a highly sophisticated cyber actor, with increasing ambition to project its influence beyond its own borders. Yet, despite all of this, we believe the severity of the risk facing the UK is being widely underestimated.”

Real-world impact

Horne pointed towards the real-world impact of cyber attacks, drawing on recent examples that have disrupted lives, jeopardised safety and eroded trust in our online world.

“There is no room for complacency about the severity of state-led threats or the volume of the threat posed by cyber criminals. The defence and resilience of critical infrastructure, supply chains, the public sector and our wider economy must improve.”

Horne explained: “In the past year, we have seen crippling attacks against institutions that have brought home the true price tag of cyber incidents. The attack against Synnovis showed us how dependent we are on technology for accessing our health services.The attack against The British Library reminded us all that we’re reliant on technology for our access to knowledge. What these and other incidents show us is how entwined technology is with our lives and also that cyber attacks have human costs.” 

Annual Review

On the launch of the NCSC’s Annual Review, Chancellor of the Duchy of Lancaster Pat McFadden said: “As a nation, we must harness technology to drive growth and opportunity without leaving ourselves vulnerable to the ever-growing threat from malicious cyber actors. The NCSC is at the centre of the Government’s efforts designed to strengthen the cyber resilience of organisations and individuals. We must work alongside industry to meet the increasingly sophisticated challenges we face and make the UK the safest place in which to live and work online.”

In the Annual Review, the NCSC highlights the increasingly challenging online environment that the UK and its allies are navigating in a bid to ensure a safe and prosperous digital world for its citizens.

Characterising the 2024 cyber threat landscape as “diffuse and dangerous”, the Annual Review notes a rising frequency of cyber incidents and a growing severity in their impact.

Over the past 12 months, the NCSC has observed how conflicts are fuelling a volatile threat landscape, including Russia’s deployment of destructive malware against Ukrainian targets and routine attempts to interfere with the systems of NATO countries in support of its war effort.

China is described as a highly sophisticated and capable actor targeting a wide range of sectors. In February this year, the NCSC co-signed an Advisory Note on observed compromises of US Critical National Infrastructure by Volt Typhoon, while in March the UK Government called out China state-affiliated actors for targeting democratic institutions.

Iran-based threat actors remain aggressive in cyber space and the Democratic People’s Republic of Korea continues to prioritise raising revenue to circumvent sanctions and collect intelligence in its cyber activity.

Criminal threat

Ransomware is highlighted as the most pervasive cyber threat posed to UK organisations, in turn highlighting the aforementioned financially motivated ransomware attack on Synnovis, a supplier to the NHS, which had a significant impact on citizens.

Elsewhere, cyber criminals’ use Artificial Intelligence to increase the volume and heighten the impact of cyber attacks. In January 2024, the NCSC published an assessment of the near-term impact of AI on the cyber threat, highlighting how it can be used for reconnaissance, social engineering and analysis of exfiltrated data.

The Annual Review also notes an observation from the NCSC that the application of AI to cyber defence will exceed the uplift in any adversary capability or application.

This year, the NCSC’s Incident Management team handled 430 incidents compared to 371 the previous year. Of these, 347 involved some level of data exfiltration and 20 incidents involved ransomware.

The top sectors reporting ransomware activity into the NCSC this year were academia, manufacturing, IT, legal, charities and construction.

Elsewhere, the Incident Management team issued 542 bespoke notifications informing organisations to a cyber incident impacting them and provided advice and guidance on how to mitigate it. This was more than double the 258 bespoke notifications issued last year.

Almost half of the bespoke notifications sent this year related to pre-ransomware activity, enabling organisations to detect and remove precursor malware before ransomware was deployed.

Company Info

WBM

64 High Street, RH19 3DE
EAST GRINSTEAD
RH19 3DE
UNITED KINGDOM

03227 14

Related Topics
British Library
China
GCHQ
Iran
National Cyber Security Centre
National Technical Authority
Russia
Synnovis
Related Articles
Latest Webinars
Biometric access control: are fingerprint cards the future?
Biometric access control: are fingerprint cards the future?
Bandweaver signposts webinar on optical fiber for perimeter security
Video Surveillance: Exploring New Horizons
Perimeter Intruder Detection Solutions
Related Resources
Cyber risk facing UK “widely underestimated” warns head of NCSC
Security Matters Podcast – Episode 32 now live to view
Security Matters Podcast – Episode 31 now live to view
Latest News
OakNorth supports Longacre Group’s investment in Veracity UK Limited
ABI and Lloyd’s of London publish guidance on major cyber events
Kings Secure Technologies named supplier on NHS SBS Framework Agreement

Login / Sign up