Cybercrime , Fraud Management & Cybercrime , Geo Focus: The United Kingdom

UK Reports 50% Spike in 'Nationally Significant' Incidents

New NCSC Chief Also Warns of Threefold Increase in Severe Cyberattacks
UK Reports 50% Spike in 'Nationally Significant' Incidents
Richard Horne, CEO, National Cyber Security Centre (Image: NCSC)

The United Kingdom experienced a spike in cybersecurity incidents posing national security risks this year, the chief of the country's national security incident warned. Growing advancements in emerging tech are widening the gap between offensive and defensive cyber capabilities, he said.

See Also: 2024 CISO Insights: Navigating the Cybersecurity Maelstrom

Speaking during the Singapore International Cyber Week, Richard Horne, the newly appointed CEO of the National Cyber Security Centre, said the number of "nationally significant incidents" increased 50% this year, and severe incidents grew threefold.

Recent high-profile incidents include a June ransomware attack on a U.K. National Health Service IT vendor that led to blood shortage across U.K. hospitals. The attack delayed nearly 6,199 acute outpatients and 1,491 elective procedures.

Horne's statement follows similar warnings earlier this month from the head of MI6, Britain's intelligence agency, who said nation-state actors are investing aggressively in advanced cyber operations to sow "mayhem on British streets" (see: MI5 Chief Warns of Cyberthreats to the UK).

Horne attributed the surge in attacks to advancements in technology that have enabled novice hackers to obtain sophisticated capabilities previously limited to ransomware and national-state actors.

"Increased dependence on technology is driving growth and transforming societies, creating exciting new opportunities. It also exposes us to greater cyber risks," Horne said, calling for collective action from governments to address the widening gap between cyber defense and offensive capabilities.

With the rapid adoption of AI and other emerging tech, comes the risk of "today's innovation" becoming "tomorrow's legacy," Horne said, adding that tech companies and software developers must ensure "long-term technology resilience" in their products.

"This is a task that businesses and public services cannot tackle alone. Governments must step in to set the tone and guide the conversation," he said.

The U.K. government is currently evaluating the role of security-by-design as a policy strategy to improve the resilience of the country's critical infrastructure.

The U.K. government is currently working to incorporate its draft codes of practice for software vendors into software purchasing and another procurement process (see: Operation Cronos Is Disrupting LockBit, Says UK Official).

The Cyber Security and Resilience bill, which the government plans to take up in March, would make patching flaws and reporting ransomware incidents mandatory (see: UK Labour Introduces Cyber Security and Resilience Bill).

Horne also cited the recent Counter Ransomware Initiative as an example of a collaborative effort to tackle rising cyberthreats.

In early October, the U.K. and Singapore governments released new voluntary guidance to help victims with ransomware mitigation. The proposal encourages ransomware victims to report attacks and any ransom demands or payments to law enforcement agencies, cyber insurance carriers, and other outside firms that can help (see: Global Governments Release New Ransomware Response Guidance).


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.