Britain needs to get ready for more cyberattacks from hostile countries, according to the head of the UK’s cybersecurity agency. At the same time, government ministers are urging tech companies to help create AI-powered defenses for key infrastructure.
Richard Horne, chief executive of the National Cyber Security Centre, said the UK is already dealing with about four major cyber incidents each week, and the most serious cases are now more often linked to governments than to criminal groups.
State-linked threats are becoming more prominent
At the government’s annual CYBERUK conference in Glasgow, Horne said ransomware is still the most common threat for organizations. However, he explained that most of the most serious incidents now come directly or indirectly from nation states.
Reuters reported that he specifically named China, Iran, and Russia, and said these attacks target both Britain and its European partners. Horne also warned that the UK is experiencing the most seismic geopolitical shift in modern history, connecting the rise in cyber threats to wider international tensions.
That warning lands against an already tense security backdrop.
The Strait Times shared that Britain’s domestic intelligence service MI5 said last year authorities had disrupted more than 20 Iran-linked plots since 2022, some of which targeted people living in the UK.
Mathieu Cousin, cyber risk and threat intelligence strategist at AXA XL, who said last month that the U.S.-Israeli war on Iran would likely trigger more cyber activity because when geopolitical tensions rise, cyber activity follows.
Hacktivist disruption could grow in a conflict scenario
Horne’s strongest warning was about what might happen if Britain gets closer to an active conflict. He said the UK would probably face large-scale hacktivist attacks, which could cause as much disruption as major ransomware incidents but without the option to pay and restore systems.
This is important because, with ransomware, there is at least the option to negotiate, but politically motivated attacks may be much harder to undo once they affect public systems or essential services.
AI is seen as both a threat multiplier and a defense tool
Horne also said that advances in artificial intelligence are likely to make cyberattacks faster by helping attackers find weaknesses more quickly.
At the same time, the British government wants to use AI as part of the solution. Security Minister Dan Jarvis used the conference to ask top AI companies to work with the government on AI-powered cyber defenses to protect important national infrastructure.
Jarvis also announced new funding and a wider effort to build resilience. He invited businesses to sign a voluntary Cyber Resilience Pledge and announced an extra 90 million pounds ($122 million) over the next three years to boost cybersecurity, including help for small and medium-sized businesses.
This shows the government sees the next phase of cyber threats as not just a national security issue, but a problem that will affect the whole economy and regular businesses too.
A warning with strategic overtones
Overall, the message from Glasgow was that cyber risk is not new, but its main source is changing. Criminal hacking is still a daily problem.
However, the UK’s top cybersecurity official now says the most serious attacks are more often linked to rival countries, and Britain should get ready for that.
For now, the government plans to work more closely with industry, invest more, and try to use AI before hostile states do.
