The UK cyberattacks increase continues to alarm security experts, with the National Cyber Security Centre (NCSC) revealing that it handled a record 204 nationally significant cyber incidents in the past year — more than double the 89 incidents recorded the previous year. The surge highlights the growing scale of UK cybersecurity threats, as businesses and government entities face increasingly sophisticated attacks from nation-state and criminal actors.
According to the NCSC Annual Review 2025, the country is now experiencing an average of four nationally significant cyberattacks every week, reflecting how deeply digital threats have embedded themselves into the UK’s critical sectors and economy.
But what’s most concerning is the sharp escalation in the number of highly significant cyber incidents — those capable of disrupting essential services or compromising national interests. Of the 429 total incidents handled, 18 were classified in this category, marking an almost 50% increase compared with the previous year and the third consecutive annual rise.
“This marks an almost 50% increase on incidents of this second-highest level categorisation compared with the previous year, and an increase for the third year running,” the NCSC report stated — a clear sign that the UK’s digital defences are being tested like never before.
UK Cyberattacks Increase Driven by State and Criminal Actors
The GCHQ cyber report points to a UK cyberattack increase linked to Advanced Persistent Threat (APT) groups — both state-sponsored and well-organised criminal gangs. These actors are targeting vital sectors such as energy, finance, and healthcare with increasingly advanced tactics.
Dr. Richard Horne, Chief Executive of the NCSC, said the findings should serve as a wake-up call to UK businesses and leaders.
“Cyber security is now a matter of business survival and national resilience,” Horne said. “With over half the incidents handled by the NCSC deemed nationally significant, and a 50% rise in highly significant attacks on last year, our collective exposure to serious impacts is growing at an alarming pace. Hesitation is a vulnerability — the time to act is now.”
Government Urges Board-Level Cyber Resilience
In response to the sharp rise in UK cyberattacks, the government has written to CEOs and board chairs of major UK organisations — including all FTSE 350 companies — urging them to make cyber resilience a top-level priority. The message underscores that cybersecurity is no longer a purely technical challenge but a strategic business risk that demands executive oversight.
Nationally significant incidents are defined as those that could have a major impact on national security, the economy, or essential services, while highly significant attacks may require a coordinated cross-government response due to their potential to cause severe and lasting disruption.
New Toolkit to Help Small Organisations
To help businesses strengthen their defences, the NCSC has launched a Cyber Action Toolkit — a new resource aimed at small organisations and sole traders. It provides simple, actionable steps to help build strong cybersecurity foundations and protect against the most common online threats.
The centre is also urging businesses to adopt the Cyber Essentials certification scheme, which helps organisations safeguard against routine attacks. As an added benefit, eligible UK organisations with an annual turnover below £20 million receive free cyber liability insurance upon full certification.
Urgent Call for Action
The NCSC Annual Review 2025 paints a picture of the threat environment, a record year for UK cyberattacks increase and a troubling pattern of escalation in highly significant cyber incidents. For the third year in a row, the UK has seen these attacks grow both in frequency and severity.
The message from the nation’s cyber experts is clear: while UK cyberattacks increase are inevitable, their impact can be reduced. Strengthening cyber resilience, investing in security measures, and acting decisively today are the only ways to protect tomorrow’s digital Britain.
