Cyber threats
The United Kingdom faces an increasing number of groups and individuals with the ability and desire to carry out attacks using cyberspace. Some try to steal data or money, others seek to spy, draw attention to a cause, or disrupt Government, society and individuals by preventing normal working.
With increasing connectivity of digital systems, cyber attacks are becoming more frequent and sophisticated, and more damaging when successful.
The Government has assessed that the risk of cyber attacks has increased since 2015, and the number and severity of cyber incidents will continue to increase. See more in the Gov cyber security breaches survey 2023.
An example of this is the attack on NHS and public-sector systems in May 2017, where the WannaCry malware infected a number of organisations and locked users out while demanding a ransom.
Cyberspace is essential to the economy as it supports open markets, sharing information and access to knowledge. This openness however makes us more vulnerable to criminals, terrorists and foreign intelligence services seeking to steal our data, compromise our services, or radicalise members of the public. Our dependence on cyberspace means our prosperity, key infrastructure, places of work and homes can all be affected by cyber attacks.
Vulnerabilities can take time to identify, and exploited systems can be used to attack other systems and networks, making culprits difficult to identify. The consequences of a cyber attack may include:
- Possible physical causalities and/or fatalities in the event of a loss/disruption to critical services, eg. police, fire, health, transport and energy
- Denying legitimate access to systems and information services
- Loss of confidentiality due to information being stolen or released
- Loss of integrity where data has been damaged or corrupted
- Economic damage to individuals and businesses.
What should you do?
The ‘Are You Cyber Aware?’ website has helpful password security and software guidance for members of the public. These are quick and simple steps to make your devices such as laptops, tablets, mobiles and home PCs much better protected against the vast majority of cyber-attacks.
Business-owners should reference the ‘Ten Steps to Cyber Security’ guidance as well as the Cyber-essentials and small-business guidance. The NCSC website provides a wealth of information.
The NCSC also runs the Cyber security Information Sharing Partnership (CiSP), designed to bring the Government and businesses together to better understand cyber attacks.