Russia and China exploiting UK’s technology dependence to cause ‘maximum destruction’, GCHQ warns
The NCSC’s annual report shows a threefold increase in the most serious cyber incidents affecting the UK in 2023-24
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Russia, China and other hostile actors are exploiting the UK’s dependence on technology to cause “maximum disruption and destruction”, Britain’s cyber security chief has warned.
In his first major speech, Richard Horne, head of GCHQ’s National Cyber Security Centre (NCSC), highlighted the “widening gap” between the threats facing the UK – from both state-backed hackers and online criminals – and the defences in place to protect businesses and public services.
Speaking at the launch of the NCSC’s annual review in London, he said the UK must wake up to Russia’s online “aggression and recklessness”, as well as the risks posed by “highly sophisticated” Chinese hackers.
“The UK has one of the world’s most advanced digital economies”, he said, adding: “Those critical systems and services make attractive targets for hostile states and malicious actors in cyber space.
“They are increasingly using our technology dependence against us, seeking to cause maximum disruption and destruction”.
The NCSC’s annual report shows a threefold increase in the most serious cyber incidents affecting the UK in 2023-24, but the danger is still being “widely underestimated” by both public and private sector organisations, the cyber security chief warned, calling for the UK to “increase the pace we are working at to keep ahead of our adversaries.”
Mr Horne, who has been in post since October, warned of “the aggression and recklessness of cyber activity we see coming from Russia”, both from organisations linked to Vladimir Putin’s government and groups operating without direct Kremlin control.
Speaking on Tuesday, he said: “We can see how cyber attacks are increasingly important to Russian actors, along with sabotage threats to physical security, which the director general of MI5 spoke about recently.
“All the while, China remains a highly sophisticated cyber actor, with increasing ambition to project its influence beyond its borders... And yet, despite all this, we believe the severity of the risk facing the UK is being widely underestimated.”
“There is no room for complacency about the severity of state-led threats or the volume of the threat posed by cyber criminals”, he added, saying the “defence and resilience of critical infrastructure, supply chains, the public sector and our wider economy must improve.”
The NCSC’s report described Russia as a “capable, motivated and irresponsible threat actor in cyberspace” and through its actions in Ukraine Mr Putin’s government is also inspiring “non-state threat actors” not officially linked to the Kremlin to carry out cyber attacks against critical national infrastructure.
Chinese hackers such as the Volt Typhoon group had targeted US infrastructure and “could be laying the groundwork for future disruptive and destructive cyber attacks” while in the UK Beijing-linked groups are believed to have targeted MPs’ emails and the Electoral Commission’s database.
The report also warns that Iran “is developing its cyber capabilities and is willing to target the UK to fulfil its disruptive and destructive objectives” while North Korean hackers were targeting cryptocurrency to raise revenue and attempting to steal defence data to improve Pyongyang’s internal security and military capabilities.
The NCSC also believes that UK firms are being targeted by workers from North Korea “disguised as freelance third-country IT staff to generate revenue for the DPRK regime”.
The report highlights major incidents including the British Library hack in October 2023 and the Synnovis incident in June 2024, which saw a Russian gang carry out a ransomware attack which disrupted health services.
The Synnovis incident, Mr Horne said, “showed us how dependent we are on technology for accessing our health services. And the attack against the British Library reminded us that we’re reliant on technology for our access to knowledge”.
“What these and other incidents show is how entwined technology is with our lives and that cyber attacks have human costs.”
In all, 2023-24 saw the NCSC receive 1,957 reports of cyber attacks, 430 of which needed support from the centre’s incident management team, up from 371 the previous year.
Of these incidents, 89 were nationally significant, 12 of which were at the top end of the scale and more severe in nature, a threefold increase on last year.
The increasing availability of artificial intelligence can increase the volume and heighten the impact of cyber attacks, the report warned.
Cabinet Office minister Pat McFadden said: “As this report shows, while AI presents huge opportunities, it is also transforming the cyber threat.
“Cyber criminals are adapting their business models to embrace this rapidly developing technology – using AI to increase the volume and impact of cyber attacks against citizens and businesses, at a huge cost.”
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments