As countries gather in Hanoi to sign the first-ever UN binding treaty on cybercrime, the UK’s National Cyber Security Centre (NCSC) has issued a sobering assessment of the cyberthreats facing the country.
The NCSC’s annual review, which comes after recent high-profile cyberattacks on British businesses, warned that the number of cyber incidents that pose a risk on a national level has risen dramatically. The agency classified nearly half of all the cyber incidents it handled in the past year as nationally significant – a record high.
For a nation that prides itself on digital innovation, this should be a wake-up call. The UK needs to take decisive action to strengthen resilience, support businesses and secure critical infrastructure.
Without these steps, the UK is at risk of a cascading cyber crisis scenario – where coordinated or interconnected attacks could spread rapidly across sectors, disrupting essential services, supply chains and the economy. The consequences would extend far beyond the digital realm, touching every part of society.
Rapidly escalating threats
The NCSC’s latest review leaves little room for complacency. The UK faces an intensifying mix of threats from state and criminal actors, with China, Russia, Iran and North Korea identified as persistent and highly capable adversaries. Hostile state actors increasingly target critical national infrastructure, supply chains and key economic sectors.
At the same time, threats are being reshaped by the rapid evolution of ransomware and the growing use of AI-enabled tools for reconnaissance and exploitation. In addition, the proliferation of commercial cyber intrusion tools has lowered the barrier to entry for sophisticated attacks. These tools include spyware and remote access software that was developed for government or corporate use but is increasingly sold on the open market. Together, these trends are expanding the pool of capable actors and accelerating the speed and scale at which attacks can occur.
The recent attacks on Jaguar Land Rover (JLR), Marks & Spencer, and the Co-op Group illustrate that the threat is not confined to foreign states or external perpetrators. Criminal actors, including from within the UK, were allegedly behind these attacks. The attacks disrupted production lines, emptied supermarket shelves and exposed how deeply the economy depends on digital systems that remain acutely vulnerable.