UK must confront Russia's 'aggression and recklessness' and China’s sophisticated cyber threats, warns GCHQ chief
3 December 2024, 07:56
The UK is facing an alarming escalation in cyber threats, with Russia's "aggression and recklessness" and China's "highly sophisticated" hacking efforts posing significant risks, the head of GCHQ’s National Cyber Security Centre (NCSC) will warn in a major address.
Listen to this article
Loading audio...
In his first public speech since taking over in October, Richard Horne will highlight a widening gap between the scale of cyber threats—ranging from state-sponsored hackers to cybercriminals—and the UK’s ability to defend against them.
The NCSC’s annual report reveals a threefold increase in serious cyber incidents over the past year, but Mr Horne will caution that the danger continues to be “widely underestimated” by organisations across the public and private sectors.
"What has struck me more forcefully than anything else since taking the helm at the NCSC is the clearly widening gap between the exposure and threat we face, and the defences that are in place to protect us." Mr Horne will say at the NCSC’s London headquarters.
"And what is equally clear to me is that we all need to increase the pace we are working at to keep ahead of our adversaries."
The report paints a stark picture of the cyber landscape. Russia is described as a “capable, motivated, and irresponsible threat actor,” with cyber activities tied to President Vladimir Putin’s government as well as independent groups.
Moscow’s cyber aggression, including sabotage threats to physical security, has been emboldened by its actions in Ukraine, inspiring non-state actors to target critical national infrastructure.
China, meanwhile, is identified as a sophisticated and ambitious player seeking to extend its influence beyond its borders. Groups linked to Beijing, such as Volt Typhoon, have been implicated in targeting US infrastructure and are believed to have attacked UK institutions, including MPs' emails and the Electoral Commission’s database. These incidents could foreshadow more disruptive attacks in the future.
Iran and North Korea are also prominently featured in the report. Tehran is bolstering its cyber capabilities to fulfil disruptive objectives, while Pyongyang has been targeting cryptocurrency markets to fund its regime and stealing defence data to advance its military and internal security.
The NCSC highlights major incidents, such as a ransomware attack on Synnovis in June 2024, which disrupted health services, and the British Library hack in October 2023, which impacted public access to knowledge. These events underscore the deep integration of technology into everyday life and the human costs of cyber attacks.
In 2023-24, the NCSC managed 1,957 reported cyber incidents, with 430 requiring intervention from its incident management team. Of these, 89 were deemed nationally significant, including 12 classified as severe—three times as many as the previous year.
"The attack on Synnovis revealed how reliant we are on technology for accessing health services, while the British Library hack highlighted our dependence on technology for knowledge," Mr Horne will say. "What these and other incidents show is how entwined technology is with our lives and that cyber attacks have human costs."
The report also warns about the growing role of artificial intelligence in amplifying the volume and impact of cyber attacks.
Criminals are increasingly adopting AI-driven techniques to expand their reach and sophistication, a trend described by Cabinet Office Minister Pat McFadden as transformative and costly for citizens and businesses alike.
As cyber threats evolve, the NCSC emphasises that the UK cannot afford complacency. “The resilience of critical infrastructure, supply chains, and the public sector must improve—but so must our wider economy,” the report states.
It adds: “The UK must wake up to the severity of the cyber threat.”
