The National Cyber Security Centre (NCSC) has reported a significant increase in the number of ‘nationally significant’ cyberattacks in the UK in its latest Annual Review.
The agency, which is part of GCHQ, handled 204 such incidents in the 12 months to August, up from 89 in the previous year. On average, the NCSC managed four of these high-level attacks each week.
The total number of incidents handled by the NCSC reached 429, with 18 categorised as ‘highly significant’ – those with the potential to seriously impact essential services. This figure represents an almost 50% rise in these high-severity cases compared to the previous year and marks the third consecutive annual increase.
A substantial portion of the incidents were attributed to Advanced Persistent Threat (APT) actors, including both nation-state groups and sophisticated criminal organisations.
Dr Richard Horne (pictured above), chief executive of the NCSC, said, “Cyber security is now a matter of business survival and national resilience.” He noted that with over half of the incidents being nationally significant and a 50% increase in highly significant attacks, the UK’s exposure to serious cyber threats is escalating.
“The best way to defend against these attacks is for organisations to make themselves as hard a target as possible.” He noted that business leaders must act with urgency, as hesitation increases vulnerability.
In response to the rising threat, the government has contacted chief executives and chairs of major businesses, including all FTSE350 companies, to stress the importance of cyber resilience as a board-level responsibility. The government has called for closer cooperation between the public and private sectors to protect the UK economy.
Industry leaders have echoed the call for proactive measures. Adrian Cox, CEO of Beazley, commented, “The NCSC’s review makes one thing perfectly clear: businesses need to invest now in protecting themselves and their suppliers through consistent and proactive cyber security measures, before, during, and after an attack.”
Cox said that while no institution is impenetrable, the quality of response to an attack can be as impactful as prevention, and that a mindset of preparation is essential.
Ian Birdsey, partner at Clyde & Co and a cyber security specialist, responded to Dr Horne’s remarks by highlighting the importance of preparedness. Birdsey said that in the early stages of a serious incident, such as ransomware, the main concerns are communication, access to incident response plans, and knowing the organisation’s cyber insurer.
“While Clyde & Co’s annual Corporate Risk Radar report reveals that 77% of executives are confident in their ability to defend against a cyberattack compared to five years ago, it’s important for businesses to understand that they are never 100% impenetrable,” Birdsey said. “The best approach for cyber readiness is to plan and rehearse how the response to an incident will work, rather than putting all the resources into trying to prevent an attack, as no systems can be fully secure and cyberattacks are becoming inevitable.”
Birdsey also pointed to recent attacks, such as those by the group Scattered Spider, which have shown that even robust cybersecurity can be bypassed through third-party vendors and social engineering. He warned that failure to prepare can lead to prolonged business disruption, as seen in recent incidents affecting companies like M&S and JLR.
What are your thoughts on this story? Please feel free to share your comments below.
