
NCSC calls for action after rise in ‘nationally significant’ cyber incidents
National Cyber Security Centre says businesses should take action now as the number of nationally significant cyber incidents doubles
Businesses have been urged to take action following a rise in the most serious category of cyber incidents over the past 12 months.
The number of nationally significant incidents reached over 200, more than double the number reported last year to the National Cyber Security Centre (NCSC).
Richard Horne, CEO of the NCSC, said that nationally significant incidents accounted for half of all incidents reported to the centre’s incident management team.
“On average, the NCSC has dealt with four nationally significant incidents a week,” he said. “That is a 50% increase on the previous year and a marked increase for the third consecutive year.”
As many as 18 incidents were classed as “highly significant” attacks that could have a serious impact on central government, essential services, a large proportion of the population or the economy.
Horne said that despite the headline attack figures, far more cyber attacks fail than succeed because organisations have built strong cyber defences. “We are also seeing more organisations able to continue in the face of an attack that does break through because they were prepared,” he said.
However, Horne added that hackers were improving their ability to cause real impact and inflict pain on the organisations they have breached. “They don’t care who they hit or how they hurt them,” he said.
Ransomware
Ransomware remains one of the most acute and pervasive cyber threats to UK organisations, according to the NCSC’s annual review, with attacks on Marks & Spencer, the Co-op and Jaguar Land Rover causing serious disruptions.
One reason for the increase in serious attacks this year is that a small number of cyber attackers are exploiting vulnerabilities at scale.
Three known security vulnerabilities in Microsoft SharePoint and other products accounted for 29 incidents managed by the NCSC.
China is targeting a wide range of sectors and institutions in the UK. A company linked to China was exposed last year for running a botnet of 260,000 computers used to launch cyber attacks.
Russia’s invasion of Ukraine and the Israel-Gaza war have inspired hacktivist groups seeking to target the UK and Europe.
According to the NCSC, the UK is also at risk from hacking groups linked to Iran that are known to have targeted US critical infrastructure.
UK firms are “almost certainly” being targeted by IT workers from North Korea posing as freelance IT staff from other countries. North Korea-linked hackers are also highly likely to be targeting UK crypto asset firms to steal funds.
Impact of cyber attacks
Horne said that cyber attacks are not just about computers and data, but they impact growth, prosperity, safety, national security, reputations and the bottom lines of companies.
He said that nothing can prepare an executive for receiving a call to hear their systems have been hacked, but it’s even worse to receive a call without having a plan in place.
“I have sat in too many rooms with individuals who had been deeply affected by cyber attacks against their organisations,” said Horne. “I know the impact the disruption has on their staff, suppliers and customers, the worry, the sleepless nights. And the impact it has on the teams who work round the clock for weeks and months trying to put the pieces back together.”
In an open letter, Shirine Khoury-Haq, CEO of The Co-op Group, echoed his statement that there exists no true preparation for the moment a cyber attack unfolds.
“The intensity, urgency and unpredictability of a live attack is unlike anything you can rehearse,” she said. “The attack has had a significant impact on me, my colleagues and on our members.”
However, Khoury-Haq added that cyber security drills are invaluable, build muscle memory, sharpen instincts and expose vulnerabilities in systems.
Are businesses prepared?
Horne said that every leader must have a plan to defend against criminal cyber attacks and a plan to keep their business going if they are attacked.
“If your IT infrastructure was crippled tomorrow and all of your screens went blank, could you run your payroll systems, or keep your machinery working, or stock your shelves? If the answer is no, act now,” he added.
Horne’s comments came as the NCSC made a Cyber Action Toolkit available to small businesses and sole traders to improve their cyber security, which comes with free cyber insurance and a helpline.
The NCSC is also offering a Cyber Governance Training scheme for senior leaders and board members.