UK underestimates cyber threats from hostile states, security chief warns
The UK is underestimating the severity of cyber threats it faces from hostile states and criminal gangs, the head of the National Cyber Security Centre (NCSC) will warn.
British cybersecurity chief Richard Horne will push for collective action against an "increasingly complex array of threats" from enemies who want to cause the UK "maximum disruption and destruction" in his first major speech in the role on Tuesday.
Horne will single out China, Russia and Iran as particular threats to the UK, according to excerpts from his speech, set to take place at the NCSC headquarters in London.
"We can see how cyber attacks are increasingly important to Russian actors," Horne will say, adding that China is a "highly sophisticated cyber actor with increasing ambition to project its influence beyond its borders".
The NCSC's annual review shows a significant increase in "serious" cyber incidents, with the agency responding to 430 incidents between September and August this year, compared with 371 in the previous 12 months. The NCSC said 12 of those incidents were "at the top end of the scale" — a steep increase from four such cases the previous year.
The briefing for Horne's speech said that targets for cyberattacks in the UK include "critical infrastructure, supply chains, the public sector and our wider economy".
Hostile states
In June, UK data services provider Synnovis — which manages blood tests for the country's National Health Service (NHS) — was targeted in an attack in a ransomware attack, where criminal gangs extracted confidential data online and demanded a ransom payment to return it.
Russian group Qilin is widely believed to be behind the incident, with the stolen patient data published on the group's Telegram channel as well as on the dark web.
“The attack on Synnovis revealed how reliant we are on technology for accessing health services," Horne is expected to say. "There is no room for complacency about the severity of state-led threats or the volume of the threat posed by cybercriminals."
The NCSC's annual review says that the past 12 months have seen conflicts fuelling a volatile threat landscape, including Russia using destructive malware against Ukrainian targets and attempting to interfere with the systems of NATO countries.
It also says Chinese state-affiliated actors, such as hacker group Volt Typhoon, were responsible for attacks on the UK's democratic institutions.
Volt Typhoon is believed to be culpable for attacks on the UK's electoral commission and MPs' emails. The group is also currently under investigation in the US for alleged attacks on commercial telecommunications infrastructure.
The NCSC's report mentions Iran and North Korea as potential threats, with Pyongyang continuing to "prioritise revenue to circumvent sanctions and collect intelligence in its cyber activity".
Horne's speech comes after officials in Europe last month sounded the alarm over unexplained attacks on two sets of telecommunications cables in the Baltic Sea.
Last week, NATO's senior expert on cyber and hybrid threats, James Appathurai, said the cable attacks were part of wider uptick of hybrid attacks by Russia in Europe. Moscow has repeatedly denied responsibility for such attacks.
Today