‘Broader and deeper’ online risk to UK from criminals and state-backed hackers

The UK’s reliance on technology across government, businesses and people’s personal lives has left us more vulnerable to potentially devastating online attacks, the head of the cyber security agency warned.

National Cyber Security Centre (NCSC) chief Richard Horne said the threat was “getting broader and in some parts deeper”, with online criminals and state-backed hackers from countries such as Russia and China looking to exploit vulnerabilities.

He said since taking on the role at the NCSC in October, he was both more concerned because of the “stark truth about the risk” but also more reassured because of the strength of the UK’s cyber defence community.

The head of the NCSC, part of the GCHQ intelligence agency, told the PA news agency: “We’re seeing the threat getting broader and in some parts, deeper.

“So where it’s getting broader is we’re seeing more and more cyber criminals able to have quite devastating effects on organisations and customers of those organisations, or people who rely on those services.”

And “in some cases, it is going deeper” with more sophisticated attacks being carried out around the world, he added.

“That tends to be more in the theatre of war, as it were, but there’s always the possibility of that sort of those really sophisticated attacks spilling over, which we’ve seen in the past.”

In Russia, Vladimir Putin’s government and state-aligned hackers have sought to target countries including Ukraine to support the war there – but also Nato members including the UK.

Mr Horne said: “In some ways, the breadth of threat is really criminals, and those criminals might be in Russia, and they might be kind of state-aligned rather than state-directed.

“But the breadth of threats that most organisations in the UK need to think about is criminal threat, and especially ransomware, because of the devastation it can cause.”

Hackers from China have been blamed for hacking the Electoral Commission’s database and targeting MPs’ emails.

Mr Horne told PA: “China are a very capable cyber actor and they’re certainly establishing their position in the world.

“And for us it comes back to: where are we exposed, where are we vulnerable, how are we managing our risk?

“As geopolitics unfolds and different actors assert their position more, we need to be ready to assert our position, and part of that is defence.”

The last government took action to remove Chinese firm Huawei from the UK’s 5G mobile network because of security concerns.

But with the proliferation of Chinese technology across all aspects of life, Mr Horne insisted the country that technology originated from was not the main factor in determining risk.

He said: “I think in some ways, one of my colleagues had a great expression, ‘the flag is not a great indicator of risk’.

“It’s more a case of ‘what is that technology taking out and what information is leaving’ and it’s not necessarily going to one place or another and it doesn’t really matter, from the perspective of defence, where it’s going because attackers can misuse it.

“It’s more a case of more and more technology is impeding on our lives, we are depending on it more, and as a result, data is leaving us to go elsewhere, and that’s very much part of the risk we need to understand.”

The NCSC’s annual review showed a threefold increase in the most serious cyber incidents affecting the UK in 2023-24, but Mr Horne warned the danger is still being “widely underestimated” by both public and private sector organisations and individuals.

Asked whether it was the Government, companies or individuals failing to understand the risk, Mr Horne said: “I think it’s everyone … The extent to which technology is taking our information and moving it elsewhere, the extent to which organisations rely on their supply chains, and those supply chains have all sorts of risks that they haven’t considered.

“The extent to which organisations apply basic security controls consistently everywhere and not just at the core – they all kind of add up to not properly understanding the extent of exposure and the extent of vulnerability.

“And at the same time, the threat is getting broader. So add all of that together and it’s a growing risk.”

Mr Horne joined NCSC from professional services giant PwC in October. Asked whether he was more concerned or more reassured as a result of his time at the cyber defence agency, he said: “I think you’re more concerned because you do see the stark truth about the risk, but more reassured because there is so much happening.”

The NCSC was part of a cyber defence community “and I think if there’s one thing we have in this country that is probably better than anywhere else, it’s the way we can pull together as that community across all parts of society and protect ourselves together”.

In a speech launching the agency’s annual review at its headquarters in London, Mr Horne said the UK relied on online infrastructure “to keep the lights on and the water running, to improve our public services, to keep businesses running, and to drive our growth and prosperity”.

“But those critical systems and services make attractive targets for hostile states and malicious actors in cyberspace.

“They are increasingly using our technology dependence against us, seeking to cause maximum disruption and destruction.”