Hostile states, including China, Iran, and Russia, are responsible for the majority of nationally significant cyber attacks targeting Britain, the head of the UK’s National Cyber Security Centre (NCSC) is set to reveal.
Dr Richard Horne will address the annual CyberUK conference in Glasgow on Wednesday, highlighting how rapid technological advancements and escalating international tensions are fostering "what feels like tumultuous uncertainty" for the nation.
Businesses must be prepared to defend themselves against cyber incursions without resorting to ransom payments, Dr Horne is expected to warn.
He will caution that the UK could face attacks "at scale" should it become embroiled in an international conflict. The NCSC, an arm of GCHQ, currently manages approximately four nationally significant incidents each week. While these figures remain "fairly steady," Dr Horne will underscore that most originate from hostile state actors such as China, Iran, and Russia.
“Criminal activity such as ransomware remains the most prevalent threat to the vast majority of organisations.
“But the majority of the nationally significant incidents that my teams are handling now originate directly or indirectly from nation states.
“We know that China’s intelligence and military agencies now display an eye-watering level of sophistication in their cyber operations.
“This, combined with their whole-of-state approach, means we face more than just a capable cyber threat but a peer competitor in cyber space.
“We know that Iran is almost certainly using cyber activity to support the repression of British individuals on our streets who are seen as a threat to the regime.
“And we know that Russia is taking the cyber lessons it has learnt in a theatre of war and is moving them beyond the battlefield.
“The tactics and techniques honed in conflict are now being directed at states it considers hostile.”
There is “sustained Russian hybrid activity targeting assets across the UK and Europe”, he is expected to say.
Earlier this month, hackers linked to Russia’s GRU military intelligence agency were blamed for exploiting a weakness in commonly used internet routers to steal users’ sensitive information.
The NCSC said the APT28 group, also known as Fancy Bear, had been able to redirect internet traffic to enable hackers to harvest people’s email login passwords and other data.
Dr Horne will tell the conference that businesses should be able to protect themselves against hacks and other cyber attacks without needing to pay ransoms to recover.
“Were we to be in, or near, a conflict situation, the UK would likely face hacktivist attacks at scale, with similar effects and sophistication to the ransomware attacks we see today, but no option to pay a ransom to help recover.
“Defending against that means every organisation embedding cyber security into their corporate mission, ensuring they understand the full extent of risk they face.”
Britain needs to embrace the use of AI as quickly as enemies use it to attack, he will say, and businesses need to plan for the future when quantum computers will be able to break commonly used encryption processes.
Dr Horne will tell delegates cyber security is a key part of defence amid increased international tensions.
“We are living through the most seismic geopolitical shift in modern history,” he will say.
“As Blaise Metreweli, the chief of MI6, said in December, our world is more dangerous and contested now than it has been for decades.
“We are operating in a space between peace and war. Let’s be clear, cyber space is part of that contest.”
CyberUK is the annual UK government cyber security conference.
Trump extends Iran ceasefire with Tehran regime ‘seriously fractured’
Iran-US war latest: Trump extends ceasefire in dramatic climbdown
Ukraine negotiators suggest ‘Donnyland’ tribute to Trump: report
Iran regime able to ‘absorb pain’, says British ambassador to US
Two UK ticket-holders win more than £41m each in EuroMillions jackpot
Two UK tickets win more than £41 million share of EuroMillions jackpot
