UK critical infrastructure hit by 200 cyber incidents in a year, agency says

21d ago · UK · primary source: theguardian.com

The UK’s critical national infrastructure was hit by more than 200 cyber incidents in the year to May, with state-linked actors behind roughly three-quarters of the attacks, the National Cyber Security Centre disclosed Tuesday. Richard Horne, chief executive of the NCSC, said the incidents targeted systems underpinning the country’s nuclear deterrent, power plants, hospitals and airports [1]. The agency defines a cyber incident as an attempt to “damage, disrupt or gain unauthorised access to computer systems, networks or devices” [1]. Horne told an audience at the Royal United Services Institute that the UK is locked in an “ongoing contest with capable adversaries” and described the threat landscape as sprawling. “This contest is not confined to a compact space. It is not like a wrestling match in a closely defined territory, as some have suggested,” he said. “It is far more akin to a football or basketball game, played across a large field of play, where success depends on how you operate across the entire pitch” [1]. Horne said about 75 percent of the more than 200 incidents the NCSC responded to were “believed to be linked to state actors” [1]. Hostile states including Russia, China and Iran were identified as the principal sources of the activity [1]. The warning builds on a 2024 statement by Pat McFadden, then chancellor of the duchy of Lancaster, who said Russia had “targeted our media, our telecoms, our political and democratic institutions and our energy infrastructure” and could “shut down the power grids” [1]. Cybersecurity has become a defining concern of the decade as digital infrastructure underpins more essential services. Computer security focuses on protecting systems and networks from threats that can lead to disruption or damage, a challenge that has grown with the spread of smart devices and the Internet of things [2]. The NCSC’s latest figures arrive during a period of heightened geopolitical friction. The 2020s have seen an escalation of military conflicts, including the Russian invasion of Ukraine and the 2026 Iran war, which itself triggered large-scale cyber and kinetic exchanges and disrupted global energy markets [3][6]. Horne cautioned that advances in artificial intelligence are likely to accelerate the threat, with 2028 shaping up as the year when cyber-flaws in national infrastructure could crystallise [1]. The UK’s AI Security Institute, a research body under the Department for Science, Innovation and Technology, was established after the 2023 AI Safety Summit and has since detected serious vulnerabilities in models before launch, including flaws that could enable development of biological weapons [8]. Horne stressed that organisations must focus on the fundamentals of cybersecurity, including rapid recovery from attacks. “The many vulnerabilities that organisations tolerate today will be exploited in conflict tomorrow. If they are too expensive or hard to fix in peacetime, then they certainly will be in war,” he said [1]. The NCSC separately recommended in April that consumers abandon passwords in favour of passkeys, describing the technology as a “digital stamp” stored on devices that allows sign-in to apps and websites [1]. Horne said the cyber-threat now stretches from “boardrooms to IT help desks, to sofas at home” [1].

infrastructuresafety-researchcontroversy

Background sources we checked (9)
  • en.wikipedia.org ↗ Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information …
  • en.wikipedia.org ↗ From 28 February to 17 June 2026, the United States and Israel were at war with Iran and its regional allies. Hostilities broke out after US–Israeli airstrikes targeting Iranian military and government sites resulted in the assassination of Iranian officials and supreme leader Al…
  • en.wikipedia.org ↗ This list of security hacking incidents covers important or noteworthy events in the history of security hacking and cracking.…
  • en.wikipedia.org ↗ The following is a list of events of the year 2025 in the United States. Following his election victory in November 2024, Donald Trump was inaugurated as the 47th President of the United States and began his second, nonconsecutive term on January 20. The beginning of his term saw…
  • en.wikipedia.org ↗ The 2020s (pronounced "twenty-twenties" or "two thousand (and) twenties") is the current decade of the Gregorian and Julian calendars that began on 1 January 2020 and will end on 31 December 2029. The COVID-19 pandemic and its aftermath marked the early 2020s, which triggered a g…
  • en.wikipedia.org ↗ Microsoft Corporation is an American multinational technology company headquartered in Redmond, Washington. The company became influential in the rise of personal computers through software like Windows and has since expanded into areas such as Internet services, cloud computing,…
  • en.wikipedia.org ↗ The AI Security Institute (AISI) is a research organisation under the Department for Science, Innovation and Technology of the United Kingdom that aims "to equip governments with a scientific understanding of the risks posed by advanced AI". It conducts research and develop and t…
  • en.wikipedia.org ↗ Amazon Web Services, Inc. (AWS) is a subsidiary of Amazon that provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered, pay-as-you-go basis. Clients often use this in combination with autoscaling (a process that allows a clie…
  • en.wikipedia.org ↗ The practice of mass surveillance in the United States, which entails the pervasive surveillance of virtually all Americans' communications, dates back to wartime monitoring and censorship of international communications from, to, or which passed through the United States. After…

Sources

Spot something wrong? Report an issue