Threat of UK cyberattack as large as ever, warns National Cyber Security Centre

Written by Sam Trendall on 28 April 2019 in News

Ciaran Martin, the chief executive of the NCSC, stated publicly that the UK suffering a category-one cyberattack is “a matter of when, not if”

Image credit: Andrew Milligan/PA Wire/PA Images

Two years on from WannaCry, the threat of an even more serious cyberattack hitting the UK looms as large as ever, the head of the National Cyber Security Centre has warned.

In the early days of 2018 – eight months on from WannaCry – Ciaran Martin, the chief executive of the NCSC, stated publicly that the UK suffering a category-one cyberattack is “a matter of when, not if”.

“We will be fortunate to come to the end of the decade without having to trigger a category-one attack,” he said, in an interview with the Guardian.

With another eight months left until the start of a new decade, Holyrood’s sister site PublicTechnology asked Martin whether an attack of the highest severity level remains as inevitable as ever, and whether the fact we have avoided one thus far is down to the UK’s defences, the shortcomings of our attackers – or, simply, luck.

 “[It is] a combination of multiple factors,” he said. “I think we are doing a lot of very good work… in particular on resilience and critical infrastructure. But that is not, in and of itself, a guarantee against a category-one attack. I think that we have a good detection and deterrence operation – and I mean deterrence in its broader sense, in terms of making the UK a harder target, a harder place to bother with.”

He added: “I would say we have also come close to category-one attacks. The impact of WannaCry was categorised as a category two, but there are similar attacks in other countries that, had they occurred to that extent, might have been a category-one attack. I wouldn’t see the prospect of one receding, and I think we should expect it at some point. So, we will continue [our] work.”

A category-one attack is classed as a “national cyber emergency”, according to official NCSC classification.

It is defined as: “A cyberattack which causes sustained disruption of UK essential services or affects UK national security, leading to severe economic or social consequences or to loss of life.”

WannaCry fell into category two, which is considered a “highly significant incident”, in which there is “a serious impact on central government, UK essential services, a large proportion of the UK population, or the UK economy”.

Categories three to six are, respectively, classed as significant, substantial, moderate, and localised incidents.

Martin spoke to PublicTechnology at the NCSC’s annual CyberUK event, which took place in Glasgow this week. The two-day conference brought together several thousand attendees across the intelligence community and cybersecurity sector.

Martin’s opening keynote speech was followed by a landmark public appearance of cyber officials from each of the five members – the UK, US, Australia, New Zealand, and Canada – of the Five Eyes intelligence alliance.

Tags

Categories

Related Articles

National Cyber Security Centre urges WhatsApp users to update their phones after a security attack
14 May 2019

The NCSC warned that “it’s important to apply these updates quickly, to make it as hard as possible for attackers to get in”

UK Government outlines new standards for sharing data on cyberthreats
3 April 2019

Open Standards Board concludes process for selecting standards to be applied to the use of “cyberthreat intelligence systems”

Ministry of Defence pledges £66m in funding “to fast-track military robotic projects onto the battlefield”
6 March 2019

Technologies that will be supported include “mini-drones” that can provide an aerial view of a battlefield, and remote-control systems for combat vehicles

HMRC to open high-tech Edinburgh hub
17 June 2019

Plans to relocate almost 3,000 civil servants to a new office building in Edinburgh city centre have...

Related Sponsored Articles

Balancing security and digital transformation
24 October 2018

With the annual worldwide cost of cybercrime set to double from $3tn in 2015 to $6tn by 2021, BT offers advice on how chief information security officers can better...

Associate feature: 5 ways IoT is transforming the public sector
5 February 2018

Vodafone explores some of the ways IoT is significantly improving public sector service delivery

Associate feature: Who keeps your organisation secure?
19 February 2018

BT's Amy Lemberger argues that having the right security in place to protect your organisation is no longer just an option. It is a necessity.

Associate feature: The age of the multi-cloud is here
7 May 2019

BT explores how to manage the risks and rewards of the cloud in their infographic guide, offering advice for ensuring that the challenges don't hold you back 

Share this page