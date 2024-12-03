



The UK's cyber security chief has warned that the UK is 'widely' underestimating the severity of threats in cyberspace.

This is because GCHQ's National Cyber ​​Security Center (NCSC) said that the most serious attacks have tripled compared to a year ago.

In its annual report released Tuesday, the NCSC said companies, organizations and other parties must immediately strengthen their resilience to the evolving risks posed by artificial intelligence-enhanced and increasingly sophisticated cyberweapons that can be used by hostile nations and criminals. It said more needs to be done. .

It said the gap between the complexity of attacks and the means to defend against them is “widening” and “will become more pronounced over time.”

“It is therefore vital that we increase cyber resilience across the UK and it is vital that we do this with urgency.”

NCSC's new head, Richard Horne, will speak later in London to coincide with the report's release.

“The frequency, sophistication and intensity of hostile activity in UK cyberspace has increased. We believe the severity of the risk facing the UK is being widely underestimated,” he said, according to excerpts from a previously released speech.

The cyber center's incident management team had to provide support in response to 430 cyberattacks last year, up from 371 in 2023.

“Of these incidents, 89 were nationally significant, with 12 of these being the largest in scale and more serious in nature (a three-fold increase on last year),” the report said.

This included a cyberattack on a company called Synnovis, which provides blood testing services to the NHS, which affected hospitals across London, putting patients at risk.

The NCSC did not say how many serious attacks were carried out by adversaries, but classified China, Russia, Iran and North Korea as “substantial and persistent threats.”

As for types of hacking, it warned that ransomware attacks pose “the most immediate and destructive threat to critical national infrastructure,” and revealed that some nation-linked cyber groups are targeting industrial control systems on which that infrastructure depends.

The sectors most reporting ransomware activity to NCSC this year were academia, manufacturing, IT, legal, charities and construction.

Mr Horne will highlight the advice and guidance issued by the NCSC to help the public and private sectors, as well as individuals, build cyber defences.

“The reality is that advice, guidance and frameworks need to be implemented much more across the board,” he says.

“There is no room for complacency about the severity of nation-state threats or the scale of the threat posed by cybercriminals. The defense and resilience of critical infrastructure, supply chains, the public sector and the broader economy must improve.”

