There is “little doubt” a major life-threatening cyber attack on the UK will take place in the near future, the National Cyber Security Centre (NCSC) has warned.
In its second annual review, published on Tuesday, the NCSC revealed it has handled more than 10 attacks a week in the last two years – the majority of which it traced back to “nation states in some way hostile to the UK”.
Since it became fully operational in 2016 it has handled 1,167 cyber incidents, including 557 in the last 12 months.
The majority of the attacks “were undertaken by groups of computer hackers directed, sponsored or tolerated by the governments of those countries,” writes Ciaran Martin, CEO of the NCSC.
“These groups constitute the most acute and direct cyber threat to our national security.”
None of the incidents fell into the so-called category one – a strike with potential risk to life.
However, Mr Martin warned that such an attack was highly likely.
“I remain in little doubt we will be tested to the full, as a centre, and as a nation, by a major incident at some point in the years ahead,” he said.
The most prominent cyber attack on the UK, the WannaCry malware attack on the NHS, was classed by NCSC as a category two attack, defined as having “a serious impact on a large portion of the population, economy or government”.
The Department of Health revealed last week that the WannaCry attack, which affected at least 80 out of the 236 hospital trusts across England, as well as a further 595 GP practices, cost the NHS a total of £92 million – including £72m for IT support.
Earlier this month, foreign secretary Jeremy Hunt accused Russia’s intelligence service, the GRU, of waging a campaign of “indiscriminate and reckless” cyber strikes targeting institutions across politics, businesses, media and sport.
Mr Martin describes nation state activity as “the most acute threat”, but says the most “chronic” risk comes from “high-volume cyber crime”, which is handled by the National Crime Agency (NCA).
As well as defending the UK against targeted attacks, the NSCS also handles what it describes as “high-volume commodity attacks”, such as phishing emails designed to fool people into installing malware on their devices.
The NCSC launched the Active Cyber Defence initiative in 2017 to deal with these attacks.
According to the report, the UK’s share of visible global phishing attacks has dropped from 5.3% to 2.4% since the scheme’s introduction.