UK hit by 590 'significant' cyber attacks in the last year, says NCSC

A Category 1 attack on the national infrastructure or systems of government is just a matter of time

The UK has been hit by 590 'significant' cyber attacks in the last year, with more than 30 considered 'Category 2', or serious enough to warrant a cross-departmental response.

Among those were the Wannacry ransomware attack that took down parts of the NHS in May.

"we saw a small scale event ramp up very quickly into a national event, " said Paul Chichester, director of operations at the National Cyber Security Centre (NCSC), the arm of GCHQ concerned with cyber defence and promoting cyber security.

The situation is getting steadily more serious, Chichester said during an interview with BBC Radio 4's Today programme this morning.

"The threat is increasing; you can see criminals and nation states really starting to see the power and the opportunities that attacks in cyber space can offer them," he explained.

Another Category 2 attack was the NotPetya ransomware outbreak which began hitting targets in Ukraine but which quickly spread to companies doing business with that country, such as FedEx which estimates the resulting losses at $300m. Shipping company Maersk was left facing similar losses.

"We're starting to wake up to this it isn't being seen in some sectors as an existential risk, because if you are a data-driven company and that data disappears or is changed that's the end of your company" said NCSC technical director Ian Levy, adding that he hoped such attacks will "bring clarity to some big company boards" about the need to invest in cyber defences.

"My job is to ensure they get the advice that lets them invest wisely," Levy said.

Of major concern is the possibility of an attack on the apparatus of democracy or on the national infrastructure. After Russia's apparent interference in the US and French elections the NCSC had to move fast to protect the surprise snap UK general election called this summer, said Alison Whitney, NCSC deputy director for digital government. While the UK uses paper rather than electronic voting, there is still ample possibility for an attacker to interfere with the flow of data during an election.

"Most local authorities use IT systems to create the electoral roles, so the data is held electronically even though the elections are paper-based," Whitney noted.

Martin added that a Category 1 attack on the national infrastructure or key systems of government was just a matter of time. "Those are the two areas where we've seen the greatest threat, not just what we've been worried about as we've monitored intrusions against the UK, but also we've seen those attacks realised in other countries."