UK underestimates threat from hostile states, says new NCSC head

Richard Horne highlights the risks posed by foreign states and urges organizations to implement NCSC advice.

featured-image

The UK is failing to take cyber threats seriously enough, the new head of the National Cyber Security Centre (NCSC) has warned. In his first major speech in the role, Richard Horne is warning that organizations are underestimating the risks from hostile states and cyber criminals. Speaking at the NCSC's headquarters for the launch of its , Horne stressed that the frequency of cyber attacks was increasing.

"Last week, the Chancellor of the Duchy of Lancaster warned about the aggression and recklessness of cyber activity we see coming from Russia. And with our partners, including at the NPSA, we can see how cyber attacks are increasingly important to Russian actors, along with sabotage threats to physical security, which the director general of MI5 spoke about recently," he said. "All the while, China remains a highly sophisticated cyber actor, with increasing ambition to project its influence beyond its borders.



And yet, despite all this, we believe the severity of the risk facing the UK is being widely underestimated." The Annual Review highlights the way conflicts are fuelling a volatile threat landscape. Examples include Russia's use of destructive malware against Ukrainian targets and routine attempts to interfere with the systems of NATO countries in support of its war effort.

China, meanwhile, has been targeting a wide range of sectors. In February, for example, the on compromises of US Critical National Infrastructure (CNI) by Volt Typhoon, while the following month the government called out China-affiliated actors for targeting democratic institutions. Meanwhile, Iran-based threat actors remain aggressive in cyberspace, according to the report, and the Democratic People's Republic of Korea (DPRK) continues to gather funds to circumvent sanctions and collect intelligence.

The report also warns of the risks of ransomware - the most pervasive cyber threat to UK organizations, it said - highlighting the financially motivated ransomware attack on . "In the past year, we have seen crippling attacks against institutions that have brought home the true price tag of cyber incidents. "The attack against Synnovis showed us how dependent we are on technology for accessing our health services.

And the attack against the British Library reminded us that we're reliant on technology for our access to knowledge." Horne warned that both public and private organizations were failing to implement its advice, guidance, and frameworks. , he said, shouldn't be seen simply as a necessary evil or compliance function, but as a business investment and catalyst for innovation.

"There is no room for complacency about the severity of state-led threats or the volume of the threat posed by cyber criminals," he said. "The defense and resilience of critical infrastructure, supply chains, the public sector, and our wider economy must improve.".