Hostile cyber activity targeting the UK has surged, with incidents increasing by 16% in 2024 compared to the previous year. The National Cyber Security Centre (NCSC) reported handling 430 incidents, up from 371 in 2023. Of these, 347 involved data exfiltration, while 20 were linked to ransomware, underscoring the growing risks.
Richard Horne from the NCSC revealed that adversaries are exploiting society’s reliance on technology to maximise disruption. The centre issued 542 notifications to affected organisations, more than doubling the number of alerts from the previous year. Critical infrastructure sectors such as energy, transport, and health remain particularly vulnerable to ransomware attacks.
The annual review from the NCSC emphasised the evolving nature of threats, warning of the potential for AI to enhance cyberattack complexity. Officials also noted that the risks posed by state actors and cybercriminals remain underestimated. Horne urged against complacency, highlighting the severity of both immediate and long-term dangers.
Efforts to counter these threats are intensifying, but experts stress the importance of strengthening defences and maintaining vigilance as the cyber landscape becomes increasingly hostile.
The UK faces an escalating cyber threat from hostile states and criminal gangs, according to Richard Horne, head of the National Cyber Security Centre (NCSC). In his first major speech, Horne warned that the severity of these risks is being underestimated, citing a significant rise in cyber incidents, particularly from Russia and China. He described Russia’s cyber activity as ‘aggressive and reckless’ while noting that China’s operations are highly sophisticated with growing global ambitions.
Over the past year, the NCSC responded to 430 cyber incidents, a marked increase from the previous year. Among them, 12 were deemed especially severe, a threefold rise from 2023. The agency highlighted the growing threats to critical infrastructure and supply chains, urging both public and private sectors to strengthen their cyber defences. The UK also faces a growing number of ransomware attacks, often originating from Russia, which target key organisations like the British Library and healthcare services.
Horne emphasised the human costs of cyber-attacks, citing how these incidents disrupt vital services like healthcare and education. The rise in ransomware, often linked to Russian criminal gangs, is a major concern, and the NCSC is working to address these challenges. The agency’s review also pointed to increasing cyber activity from China, Iran, and North Korea, with these states targeting the UK’s infrastructure and private sector.
Experts like Professor Alan Woodward of Surrey University echoed Horne’s concerns, urging the UK to step up its cybersecurity efforts to keep pace with evolving threats. With adversaries growing more sophisticated, the government and businesses must act swiftly to protect the country’s digital infrastructure.
Ukraine plans to acquire tens of thousands of uncrewed ground vehicles next year, aiming to enhance battlefield logistics and safety. These robotic platforms, already deployed near the front, will transport supplies, evacuate casualties, and keep soldiers away from dangerous zones. Deputy Prime Minister Mykhailo Fedorov highlighted the growing role of technology in mitigating risks along active conflict lines.
Advancements in military tech are reshaping Ukraine’s defence strategy. With increased production of long-range attack drones, Kyiv is narrowing the technological gap with Moscow. Ukraine has also adopted decoy drones to counter Russian tactics, alongside AI-driven systems to improve battlefield precision and reduce reliance on direct piloting.
Efforts are underway to innovate drone defences, including intercepting Russia’s Shahed drones. Autonomous technologies are expected to rise, with potential for early-stage drone swarm deployment. Fedorov noted the importance of connectivity and launch methods as Ukraine adapts to changing enemy responses.
Ukraine’s government-backed initiatives continue to support military innovation, fostering partnerships with private firms to scale up production and refine technologies. These developments mark a significant shift in how modern warfare is conducted, blending AI and robotics into entrenched combat scenarios.
The White House has engaged leading United States telecommunications executives in a high-level meeting to address a significant cyber-espionage campaign allegedly linked to China. National Security Adviser Jake Sullivan and Deputy Adviser Anne Neuberger hosted the meeting, seeking industry insights and strengthening government-private sector partnerships to counteract future cyber threats.
Earlier this month, US authorities disclosed that hackers, purportedly linked to China, accessed surveillance data meant for law enforcement by breaching multiple telecom companies. Senator Mark Warner described the breach as the ‘worst telecom hack in our nation’s history.’
Though the identities of the companies and executives involved remain undisclosed, the meeting underscores the urgency of cybersecurity improvements amid escalating threats from state-sponsored actors. While China has categorically denied involvement, the incident amplifies concerns over Beijing’s alleged cyber activities targeting critical US infrastructure.
The discussions aim to establish better safeguards against sophisticated attacks, reinforcing collaboration between federal agencies and the telecom sector to bolster national cyber resilience.
British businesses have lost an estimated £44 billion ($55 billion) in revenue over the past five years due to cyberattacks, with more than half of private sector companies experiencing at least one incident, according to a report by insurance broker Howden. Companies earning over £100 million annually faced the highest risk, with cyberattacks cutting 1.9% of revenue on average.
The report identified compromised emails (20%) and data theft (18%) as the leading causes of cyber incidents. Despite these risks, only 61% of businesses used anti-virus software, and just 55% had network firewalls, with cost and limited IT resources cited as major obstacles to better cybersecurity.
“Cybercrime is rising as businesses rely more on technology, exposing vulnerabilities to malicious actors,” said Sarah Neild, head of UK cyber retail at Howden. The findings are based on a September survey of 905 UK private-sector IT leaders conducted by YouGov.
According to Morgan Adamski, executive director of US Cyber Command, Chinese hackers are embedding themselves in US critical infrastructure IT networks to prepare for a potential conflict with the United States. He announced that China-linked cyber operations aim to secure strategic advantages in the event of a major clash.
These operations involve compromising key networks and positioning themselves to execute disruptive attacks. Examples include manipulating heating, ventilation, and air conditioning (HVAC) systems in server rooms or disrupting vital energy and water controls, officials said earlier this year.
Speaking at the Cyberwarcon security conference in Arlington, Virginia, Adamski emphasised the scale of the threat, noting that the US government has launched globally coordinated efforts to counter these operations. These efforts include offensive and defensive measures designed to degrade and disrupt China’s cyber activities worldwide. Actions range from exposing cyber campaigns to imposing sanctions and issuing cybersecurity advisories, with support from allied nations.
Earlier, US Senator Mark Warner described a suspected China-linked cyberespionage campaign, dubbed ‘Salt Typhoon,’ as the worst telecommunications hack in US history. Beijing has repeatedly denied conducting cyberattacks on US entities.
The UN Office for Disarmament Affairs (ODA) will conduct a simulation exercise in early 2025 to help Member States engage with the Global Points of Contact (POC) Directory.
The directory ensures quick and effective responses to cybersecurity incidents by providing a reliable channel for diplomatic and technical contacts across countries. It is part of broader efforts to implement the agreed confidence-building measures (CBMs) and promote cyber stability and security globally, particularly under frameworks such as the UN’s Open-Ended Working Group (OEWG) on the security of ICTs. Most states have recently appointed their POCs and participated in the first ‘ping’ test (a test conducted by the directory manager to verify that the information in the directory is up-to-date).
In hybrid format, the exercise aims to familiarise nominated POCs with practical aspects of participating in the directory and clarify the roles of diplomatic and technical contacts. In collaboration with the UN Institute for Disarmament Research (UNIDIR) and the International Telecommunications Union (ITU), the event will occur virtually, with an in-person debrief.
The UK government has announced the launch of a Laboratory for AI Security Research (LASR), an initiative to protect against emerging AI-driven threats and bolster Britain’s cyber resilience. The lab, backed by an initial £8.22 million in government funding, will bring together experts from academia, industry, and government to address AI’s evolving challenges to national security.
Speaking at the NATO Cyber Defence Conference in London, the Chancellor of the Duchy of Lancaster emphasised that AI is revolutionising national security and noted that ‘[…]as we develop this technology, there’s a danger it could be weaponised against us. Our adversaries are exploring how to use AI on the physical and cyber battlefield’.
LASR will collaborate with leading institutions, including the Alan Turing Institute, Oxford University, Queen’s University Belfast, and Plexal, alongside government agencies such as GCHQ, the National Cyber Security Centre, and the MOD’s Defence Science and Technology Laboratory. Partnerships will extend to NATO allies and Five Eyes countries, fostering an international approach to AI security.
In addition to LASR, the government announced a £1 million incident response project to help allies respond more effectively to cyberattacks. This initiative will further enhance international cooperation in managing cyber incidents.
The official communication highlights that this announcement aligns with the government’s broader agenda, including the forthcoming Cyber Security and Resilience Bill (to be introduced to Parliament in 2025) and the designation of data centres as critical national infrastructure (CNI) to secure the UK’s position as a global leader in cybersecurity and AI innovation.
Italy is ramping up its fight against cybercrime with a draft decree aimed at tackling unauthorised access to sensitive computer systems. The move follows high-profile breaches, including incidents involving state and financial databases, prompting urgent government action. The legislation, which will be discussed by the cabinet on 25 November 2024, focuses on systems critical to military, public safety, health, and civil protection.
The draft gives Italy’s chief anti-mafia prosecutor expanded authority to oversee investigations into cases of extortion linked to data breaches. This comes on the heels of several arrests tied to illicit access to state systems, with dozens more under investigation, including individuals connected to prominent figures like Leonardo Maria Del Vecchio.
Separately, authorities in Bari are probing a potential breach at Italy‘s largest bank, Intesa Sanpaolo, which may have compromised Prime Minister Giorgia Meloni’s account. These incidents underscore the urgency of the proposed crackdown as Italy seeks to safeguard its digital infrastructure.
US authorities have revealed a massive cyberattack on American telecommunications networks, describing it as the ‘worst telecom hack in our nation’s history.’ Linked to Chinese hackers, the breach targeted multiple telecom companies and allowed the interception of surveillance data meant for US law enforcement. According to a joint FBI and CISA statement, the hackers accessed sensitive call records and communications, particularly involving individuals in government and political roles.
The attack also raised alarms after reports suggested telephones belonging to Donald Trump, JD Vance, and other high-profile political figures were compromised. Senator Mark Warner, chairman of the Senate Intelligence Committee, warned that China’s long-term efforts to infiltrate global telecom systems pose a grave security risk. Hackers reportedly managed to listen to phone calls and read text messages, going beyond what the Biden administration has publicly acknowledged.
China has consistently denied allegations of hacking foreign systems, and its embassy in Washington declined to comment on the latest claims. Warner criticised the lack of sufficient safeguards, stating, “The barn door is still wide open,” as concerns over US telecom infrastructure security intensify.
