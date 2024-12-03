



Britain's cyber security chief has warned that the country is underestimating the severity of online threats faced by hostile nations and criminal gangs.

Richard Horne, director of GCHQ's National Cyber ​​Security Centre, will note that serious incidents have tripled amid Russia's aggressiveness and recklessness and China's highly sophisticated digital operations.

In his first major speech as head of the agency, Horne will say on Tuesday that hostile activity by adversaries seeking to cause maximum chaos and destruction in UK cyberspace has increased in frequency, sophistication and intensity.

In a speech at the NCSC's London headquarters, Horne, who took up the role in October, will point out the aggressiveness and recklessness of cyber activity coming from Russia and how China remains a highly sophisticated cyber actor. Project influence beyond borders.

But despite all this, we believe the severity of the risk facing the UK is widely underestimated.

One expert described the comments as a wake-up call to businesses and public sector organizations about the scale of the cyber threat facing the UK.

Horne will be sounding the alarm as the NCSC revealed a significant increase in serious cyber incidents over the past 12 months. The agency responded to 430 incidents requiring assistance between Sept. 1, 2023, and Aug. 31, 2024, compared with 371 in the previous 12 months, according to the annual review.

Twelve of these attacks reached the highest level of scale and were three times more severe than the previous year.

Horne says there is no room for complacency about the severity of nation-state threats or the scale of the threat posed by cybercriminals. The defense and resilience of critical infrastructure, supply chains, the public sector and the wider economy must be improved.

Last week, Cabinet Secretary Pat McFadden warned that Russia could put out fires for millions of people with cyber attacks.

The NCSC review did not make a distinction between attacks carried out by the state and those committed by criminal gangs. However, it is understood that significant time is spent supporting organizations responding to ransomware attacks, which allow criminal groups to paralyze targeted IT systems and extract confidential data. The gang then demands a ransom in Bitcoin to return the stolen data.

Recent ransomware attacks targeting high-profile targets in the UK include the British Library and Synnovis, which manages blood tests for NHS trusts and GP services. The NCSC said it received 317 reports of ransomware activity last year, 13 of which were incidents of national significance.

The attack on Synnovis showed how reliant we are on technology to access healthcare. And the attack on the British Library was a reminder that we rely on technology to access knowledge, Horne said. What these and other incidents show is how intertwined technology is with our lives and the human cost of cyberattacks.

Ransomware gangs typically originate from Russia or former Soviet Union countries, and their presence appears to be tolerated within Russia as long as they do not attack Russian targets. However, according to the UK's National Crime Agency, Russian cybercrime organization Evil Corp carried out attacks targeting NATO member states at the behest of the Office of the Director of National Intelligence.

Horne added: What has struck me most since taking charge of the NCSC is the apparent widening gap between the exposures and threats we face and the defenses in place to protect us.

And what is equally clear to me is that we all need to speed up our work to stay ahead of our enemies. The underrated warning is understood to be aimed at public and private sector organizations in the UK.

The NCSC said the sectors reporting the most ransomware activity this year were academia, manufacturing, IT, law, charities and construction.

The agency's review found that through the invasion of Ukraine, the Russian regime was encouraging non-state actors to carry out cyberattacks against critical national infrastructure in the West.

The review points to Chinese hackers such as the Volt Typhoon group targeting US infrastructure and possibly laying the groundwork for future disruptive and destructive cyberattacks, while in the UK, a Beijing-linked group targeted lawmakers' emails and Electoral Commission databases. I took it as .

The report also warns that Iran is developing cyber capabilities and is willing to target the UK to achieve destructive and destructive goals, while North Korean hackers are targeting cryptocurrencies to increase profits and are targeting Pyongyang's internal security forces. It warned that attempts were being made to steal defense data to improve security and military capabilities. .

The NCSC also believes that UK companies are almost certain to be targeted by North Korean workers posing as freelance third-country IT workers to generate revenue for the North Korean regime.

Alan Woodward, professor of cyber security at the University of Surrey, said the NCSC was warning the private and public sectors not to take their eye off the ball.

The government is trying to sound the alarm, he said. I feel like not everyone is listening yet.

