NCSC co-ordinated the national response to 18 ransomware attacks including the attacks on a supplier to NHS 111 and South Staffordshire Water. Credit: Thinkstock The UK National Cyber Security Centre (NCSC) responded to 63 “nationally significant” cyber incidents between September 1, 2021, and August 31, 2022. According to the NCSC’s Annual Review 2022, these incidents included a range of malicious cyber activity such as ransomware, reconnaissance, malware and network intrusions, data exfiltration and disruption of services and systems. Nation-state threats were a significant driver of such malicious activity, with the NCSC citing the likes of Russia and China as posing significant threats to UK and global cybersecurity.Nation-states pose increasing threats to UK cybersecurityIn its review, the NCSC wrote, “While many countries use malign cyber capabilities to some extent, including to control their domestic information environments, the regimes that continued to present the most acute cyberthreat to the UK and its interests were Russia, China, Iran and North Korea.” The type of threats posed by these states varied widely, the NCSC added, including:Cyber-enabled espionage – unauthorised access or transfer of secret, classified or sensitive information to gain advantage over rivals.Destructive cyber capabilities – using tools such as wiper malware to damage IT systems or institutions.Cyber-enabled theft to further strategic advantage or domestic control, for example of Intellectual Property or personal data of citizens.Hack and leak – stealing and publishing sensitive or restricted information to embarrass states or institutions or to undermine social cohesion.Russia’s invasion of Ukraine and the use of cyber operations within was the most significant development in the cybersecurity threat landscape in the last year, whilst China’s technical development and evolution is likely to be the single biggest factor affecting the UK’s cybersecurity in the years to come, the review stated. “In the coming years, with the proliferation of commercially available capabilities, the NCSC anticipates a wider number of states possessing the ability to pose threats to the UK’s cybersecurity,” it read.Commenting, Sir Jeremy Fleming, director of GCHQ, stated, “It is clear the cybersecurity threat is diversifying and evolving. We are seeing more states with cyber capabilities and more non state actors joining the mix. We are also experiencing a shift in technology leadership towards the East. These factors and more have implications for the cybersecurity threats we all face.” UK NCSC co-ordinated national response to 18 ransomware attacksDuring the last year, the NCSC co-ordinated the national response to 18 ransomware attacks including the attacks on a supplier to NHS 111 and South Staffordshire Water. The NCSC stated that ransomware continues to pose one of the most significant cybersecurity threats to businesses in the UK and, given its potential impact on critical national infrastructure and essential services, is considered a national security risk. Most of the ransomware criminal groups that target the UK continue to be based in and around Russia, it added.“The NCSC continued to see increased use of ransomware as a service (RaaS) where ransomware variants are leased to less-skilled affiliates who can launch cyberattacks without building the ransomware themselves,” the review read. “This opens the ransomware attack vector to a wider range of criminal actors where previously it was restricted to those with the requisite technical expertise.” NCSC CEO Lindy Cameron warned that ransomware remains the most acute threat UK organisations face. “These attacks have genuine real-world consequences and are a reminder to all organisations of the importance of taking the important mitigation measures set out in our guidance.” Related content news Google expands minimum security guidelines for third-party vendors Google's updated Minimum Viable Secure Product (MVSP) program offer advice for working with researchers and warns against vendors charging extra for basic security features. By John P. Mello Jr. Dec 08, 2023 4 mins Application Security Supply Chain Supply Chain news New CISO appointments 2023 Keep up with news of CSO, CISO, and other senior security executive appointments. By CSO Staff Dec 08, 2023 28 mins CSO and CISO Careers Security news Top cybersecurity product news of the week New product and service announcements from Coro, Descope, Genetec, Varonis, Cloudbrink, Databarracks, and Security Journey By CSO staff Dec 07, 2023 22 mins Generative AI Security news analysis Attackers breach US government agencies through ColdFusion flaw Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability. By Lucian Constantin Dec 06, 2023 5 mins Advanced Persistent Threats Cyberattacks Vulnerabilities Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe