The UK’s critical infrastructure has faced 200 cyber attacks linked to hostile nation-state actors in the first five months of the year, the head of GCHQ’s National Cyber Security Centre (NCSC) said today.
Over the past year, three-quarters of the cyber attacks against critical national infrastructure (CNI) – which includes hospitals, electricity, water and finance – can be traced back to hostile state actors, said NCSC CEO Richard Horne.
Hostile states, including Russia, China and Iran, are targeting the systems that underpin the UK’s essential services, Horne disclosed in a lecture at the Royal United Services Institute.
The high number of attacks against CNI shows that cyber attacks cannot simply be treated as a risk to be managed, but as an “ongoing contest between capable adversaries”, he said.
200 attacks against UK CNI
The NCSC managed 200 cyber incidents affecting the UK’s critical national infrastructure and its supporting ecosystem between January 2026 and May 2026, Horne disclosed.
By 2028, the NCSC says AI-enabled cyber capabilities will likely be used by attackers to exploit known vulnerabilities in legacy technology “at scale” across critical national infrastructure.
Businesses, government and the private sector needed to act “now with urgency” to protect their systems and protect themselves against future conflicts, which would see cyber attacks multiply.
“The many vulnerabilities that organisations tolerate today will be exploited in conflict tomorrow. If they are too expensive or hard to fix in peacetime, then they certainly will be in war,” warned Horne.
“In cyberspace, we are not preparing for tomorrow’s conflicts – to some degree, we are fighting them today,” he added.
Cyber defence akin to football match
Drawing an analogy, he said that cyber battle is not like a “wrestling match”, confined to the closed territory of a wrestling ring,
“It is far more akin to a football or basketball game, played across a large field of play, where success depends on how you operate across the entire pitch,” said Horne.
If we collectively embrace the [cyber] contest, understand the urgency and believe we can be a match for any opponent, then we can and will prevail Richard Horne, NCSC
He said coordinated action is needed across the “near, mid and far” cyber spaces where we come into contact with adversaries, and that different approaches were needed in each.
He called on every board member and executive in every organisation to strengthen their cyber resilience by focusing on three core capabilities: understanding their exposure to threats, building stronger defences based on proven security fundamentals, and ensuring they can continue operating and recover quickly after an attack
“We still see far too many significant incidents today that are possible because the fundamentals are not in place,” said Horne.
“The truth is that in this great contest, there are no spectators; we are all on the pitch. From boardrooms to IT helpdesks to sofas at home, the contest is everywhere,” he added.
“If we collectively embrace the contest, understand the urgency and believe we can be a match for any opponent, then we can and will prevail.”
The NCSC has published resources and guidance to help organisations counter AI-powered attacks here.
Table of Contents Working conditions Anti-competitive impacts Ongoing concerns Ride-hailing app Uber has launched a “dynamic pricing” algorithm in London to automatically set variable pay…
Table of Contents The uses of generative AI Jailbreaking and the challenges of generative AI Hallucinating answers Engineering bias The future of AI Generative AI…
Thank you for joining! Access your Pro+ Content below. 14 January 2025 Generating customer experience at NatWest Bank Share this item with your network: In…
Table of Contents Pulling together data Enterprise software with CDP capabilities Adoption outside marketing Customer data platforms (CDPs) first gained popularity among marketing users as…
