UK urges firms to prioritize cyber security after hacking rise
A review found that of the 204 most serious incidents, 18 were categorized as “highly significant,” meaning they had a serious impact on government, essential services, the economy or a large proportion of the U.K. population.
LONDON (AFP) — The U.K. government implored businesses Tuesday to prioritize cyber security, as major incidents targeting them hit record levels over the last year and officials warned of the threat from Chinese and Russian hackers.
In a speech to mark the release of the National Cyber Security Centre’s annual review, security minister Dan Jarvis warned the issue needed to be more of a “shared priority”.
The review revealed the center dealt with 204 “nationally significant” attacks in the 12 months to the end of August 2025, up from 89 in the previous year.
It warned the “significant threat” posed by hackers from China and Russia had contributed to the record numbers.
It comes weeks after Jaguar Land Rover halted operations at its U.K. factories for around a month following a crippling and costly cyberattack.
Other attacks this year have targeted companies including Marks and Spencer, Harrods and Co-op.
“For too long, cyber security has been a concern of the middle management and only gets escalated to the seniors in a crisis,” Jarvis said. “It’s not a case of if you will be the victim of a cyber attack, it’s about being prepared for when it does happen.”
‘Significant threat’
Jarvis noted the government had written to hundreds of chief executives of top U.K. firms “that implores … (them) to recognize the threat that is facing them.”
The letter — signed by various senior ministers and the heads of the NCSC and National Crime Agency — urged them to take “concrete actions” to manage cyber risks.
It also recommended making cyber resilience a board-level responsibility and signing up for the NCSC’s early warning system.
The NCSC yearly review found that, of the 204 most serious incidents, 18 were categorized as “highly significant.”
That means they had a serious impact on government, essential services, the economy or a large proportion of the U.K. population.
“State actors continue to present a significant threat to U.K. and global cyber security, aided by an evolving cyber intrusion sector,” it said.
The analysis called China a “highly sophisticated and capable threat actor, targeting a wide range of sectors and institutions across the globe, including the U.K.”
Meanwhile, Russia is a “capable and irresponsible threat actor in cyberspace,” with pro-Moscow “hacktivist” groups operating outside formal state control seeking to target Western nations and organizations.
—
By Agence France-Presse
Subscribe to Closing Arguments
Sign up for new weekly newsletter Closing Arguments to get the latest about ongoing trials, major litigation and hot cases and rulings in courthouses around the U.S. and the world.
link
