The UK's critical national infrastructure suffered more than 200 cyber incidents in the past year, with state-linked actors responsible for roughly 75% of attacks, according to the National Cyber Security Centre.
Richard Horne, chief executive of the NCSC, described the UK as engaged in an "ongoing contest with capable adversaries." Russia, China and Iran are among the hostile states increasingly targeting critical infrastructure sectors including energy, water and communications.
The findings underscore mounting pressure on systems that underpin essential services. State-sponsored threat actors continue to develop sophisticated capabilities, with the NCSC warning that artificial intelligence could amplify future threats.
Horne emphasized the scale of the challenge facing UK defenses. The high proportion of state-linked incidents reflects a strategic shift in how adversaries operate, moving beyond opportunistic cybercriminals to coordinated campaigns backed by foreign governments.
The NCSC has positioned itself as a central defense mechanism, working to harden critical systems against ongoing probes and intrusions. The agency has issued guidance to operators in key sectors on identifying vulnerabilities and responding to attacks.
The threat landscape continues to evolve. Adversaries are refining techniques to penetrate air-gapped networks and develop long-term persistence in compromised systems. The potential integration of AI tools into attack methods poses an emerging risk that cybersecurity officials are actively monitoring.
These incidents carry significant risk. Successful breaches of critical infrastructure can disrupt essential services affecting millions of citizens, from power supply interruptions to water system failures. The frequency of attacks indicates persistent, sustained efforts rather than isolated incidents.
The UK government has made cybersecurity a strategic priority, allocating resources to defensive capabilities and intelligence gathering. However, the scale of incidents reported by the NCSC signals that threats continue to outpace defenses in some areas.
Organizations operating critical infrastructure face pressure to adopt advanced security measures, including threat intelligence sharing with government agencies and implementation of zero-trust security models. The NCSC continues to work with private sector operators to strengthen resilience against state-level threats.
Modern phishing techniques can circumvent multi-factor authentication without stealing passwords, according to a new webinar. Behavioral AI tools can help security teams detect compromised accounts faster and automate response measures.
AI agents now access data, trigger workflows, and deploy code across critical business systems with minimal governance controls. Security researchers warn that organizations are failing to manage these digital entities as formal identities.
Ofcom has contacted Telegram seeking clarification on how the messaging app detects illegal incitement, after a Ukrainian man was convicted of arson attacks on property linked to UK Prime Minister Keir Starmer. The attacker was directed via the platform by a handler.
A New York man faces cyberstalking charges after allegedly creating and distributing AI-generated nude images of a Georgia college student. He also fabricated racist messages using fake social media profiles.