NCSC Warns UK is Facing ‘Enduring and Significant’ Cybersecurity Threats

The National Cyber Security Centre (NCSC)’s Annual Review has revealed ‘enduring and significant’ threats to the UK’s critical infrastructure.

Artificial intelligence and the evolving geopolitical landscape are significant areas of cyber risks that can undermine Britain's electoral processes.

The increased threat is said to be a result of a rise in state-aligned groups as well as an increase in aggressive cyber activity and the Review has warned that the UK needs to accelerate work to keep pace with the evolving threats, especially in areas such as cyber resilience in the nation’s most critical sectors including sectors that provide the nation with safe drinking water, electricity, communications, its transport and financial networks, and internet connectivity.

The NCSC has observed the emergence of a new form of cyber threat taking shape in the form of state-aligned actors who are ideologically motivated, rather than financially, due to sympathies lying with Russia. The Centre also revealed earlier in the year details on ‘Snake’ malware which has been a core component of Russian espionage for nearly two decades.

The Review has identified a new trend of malicious actors targeting high-profile and influential individuals in politics, attempting to gain access of personal email accounts and warnings of “persistent effort” to target those who hold information has been given.

Andy Ward, VP International for Absolute Software, commented:

“The NCSC’s annual review highlights a continued need for businesses of all shapes and sizes to focus on their cyber resiliency when it comes to digital infrastructure. Cyber-attacks are a pressing issue as we have seen with various high profile attacks in recent times and the review acts as another reminder that more must be done.”

“It is no longer simply enough to implement cyber security technology to deter attacks but instead businesses must focus on preparing to react if, and when, an attack happens. IT teams not only need visibility across all devices but also require self-healing technologies that can take over instantaneously if an attack is detected. Only then can businesses rest knowing that they are ready to react effectively to minimise downtime, reduce financial loss and protect against reputational damage by creating a robust security process.”

Lindy Cameron, CEO of NCSC, said: “The last year has seen a significant evolution in the cyber threat to the UK – not least because of Russia’s ongoing invasion of Ukraine but also from the availability and capability of emerging tech.

“As our Annual Review shows, the NCSC and our partners have supported government, the public and private sector, citizens, and organisations of all sizes across the UK to raise awareness of the cyber threats and improve our collective resilience.

“Beyond the present challenges, we are very aware of the threats on the horizon, including rapid advancements in tech and the growing market for cyber capabilities. We are committed to facing those head on and keeping the UK at the forefront of cyber security.”