THE NATIONAL CYBER SECURITY CENTRE (NCSC) has revealed that the UK has been whacked by 590 'significant' cyber attacks in the last year, with more than 30 considered 'Category 2', or serious enough to warrant a cross-departmental response.
Among those were the WannaCry ransomware attack that took down parts of the NHS earlier this year.
"We saw a small scale event ramp up very quickly into a national event," said Paul Chichester, director of operations at NCSC, the arm of GCHQ concerned with cyber defence and promoting cybersecurity.
The situation is getting steadily more serious, Chichester said during an interview with BBC Radio 4's Today programme this morning.
"The threat is increasing; you can see criminals and nation states really starting to see the power and the opportunities that attacks in cyberspace can offer them," he explained.
Another Category 2 attack was the NotPetya ransomware outbreak which began hitting targets in Ukraine but which quickly spread to companies doing business with that country, such as FedEx which estimates the resulting losses at $300m. Shipping company Maersk was left facing similar losses.
"We're starting to wake up to this it isn't being seen in some sectors as an existential risk, cos if you are a data-driven company and that data disappears or is changed that's the end of your company" said NCSC technical director Ian Levy, adding that he hoped such attacks will "bring clarity to some big company boards" about the need to invest in cyber defences.
"My job is to ensure they get the advice that lets them invest wisely," Levy said.
Of major concern is the possibility of an attack on the apparatus of democracy or on the national infrastructure. After Russia's apparent interference in the US and French elections, the NCSC had to move fast to protect the snap UK general election called this summer, said Alison Whitney, NCSC deputy director for digital government.
While the UK uses paper rather than electronic voting, there is still ample possibility for an attacker to interfere with the flow of data during an election.
"Most local authorities use IT systems to create the electoral roles, so the data is held electronically even though the elections are paper-based," she noted.
Ciaran Martin, NCSC chief executive, added that a Category 1 attack on the national infrastructure or key systems of government was just a matter of time.
"Those are the two areas where we've seen the greatest threat, not just what we've been worried about as we've monitored intrusions against the UK, but also we've seen those attacks realised in other countries," he said. µ
Turns out some companies had fixed it before it came to light
There's still a timeline for Timeline but not this time
'Lack of significant enhancements' is causing lacklustre sales
How SD-WAN can fuel your businesses' digital transformation