A ‘perfect storm’: NCSC chief issues warning over quantum threats, nation-state hackers, and the dangers of global ‘hacktivism’

Iran, Russia, China and other nation states represent the most serious cybersecurity threats to the UK today, according to Richard Horne, the CEO of the National Cyber Security Centre (NCSC).

Speaking at the CyberUK conference in Glasgow, Horne said that technological change and geopolitical tensions make for 'tumultuous uncertainty', with the agency already handling an average of four nationally significant incidents a week.

"Criminal activity such as ransomware remains the most prevalent threat to the vast majority of organizations, but the majority of the nationally significant incidents that my teams are handling now originate directly or indirectly from nation states," he said.

Horne warned that China’s intelligence and military agencies in particular now display an 'eye-watering' level of sophistication in their cyber operations, while Iran is almost certainly using cyber activity to support the repression of British individuals.

Russia, meanwhile, is using the tactics and techniques that it's honed in conflict against states it considers hostile, making cyber security the new 'home front'.

"We know that, were we to be in, or near, a conflict situation, the UK would likely face hacktivist attacks at scale. With similar effects and sophistication to the ransomware attacks we see today but no option to pay a ransom to help recover," he said.

These threats are combining with others to create a 'perfect storm', with frontier AI capabilities now rapidly enabling discovery and exploitation of existing vulnerabilities at scale.

Attackers are exposing gaps in the fundamentals of cybersecurity, such as code shipped by tech producers with significant vulnerabilities, organizations' failure to patch with the completeness or urgency they should, and a failure to replace legacy systems.

NCSC sounds alarm on quantum threats

Meanwhile, quantum is a looming threat, Horne told attendees. The warning comes amid rising concerns about ‘Q-Day’, the point at which quantum computers can crack traditional encryption methods.

Google, for example, recently revised its timeline for this tipping point to within just three years. Predictions on this front vary wildly, however, ranging from within a few years to decades.

"We don’t know when a quantum computer will be able to break the widely used cryptography that we rely on in everything we do. But we do know it is in our gift to be ready for that point," he said.

He advised organizations to refer to NCSC guidance setting out what they need to do over the coming years to ensure successful migration to post-quantum cryptography.

More broadly, as the technology landscape develops the definition of cybersecurity expands with it. Efforts to shore up protections across a wider array of areas are being made globally, such as in operational technology (OT), typically used to control energy systems and production lines – both key targets for state-backed threat groups and hacktivists.

Ric Derbyshire, principal security researcher at Orange Cyberdefense, echoed Horne's concerns about politically-motivated hacktivist groups.

"Escalatory hacktivism is a phenomenon we are seeing in which groups align with state-backed narratives and contribute to their host state’s hybrid warfare efforts. This trend is set to become more pervasive and more impactful," he said.

"This is about societal resilience as much as cyber resilience. It will require stronger global collaboration, closer public-private coordination, and sustained legislative action, such as the Cyber Security and Resilience Bill, with a focus on protecting critical services and maintaining continuity in the face of disruption.”

FOLLOW US ON SOCIAL MEDIA

Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.

You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.