Most nationally significant cyber attacks on UK ‘carried out by hostile states’ including China, Iran and Russia

Dr Richard Horne is expected to tell the annual CyberUK conference in Glasgow on Wednesday that rapid changes in technology and increased international tensions are creating “what feels like tumultuous uncertainty” for the UK.

He is set to warn that businesses should be prepared to protect themselves against cyber attacks without needing the option of paying ransoms, because the UK could be targeted “at scale” if it were to become involved in an international conflict.

NCSC, which is part of GCHQ, deals with around four nationally significant incidents per week and, while those numbers remain “fairly steady”, Dr Horne will say that most of them are carried out by hostile states including China, Iran and Russia.

Read more: Russia laying groundwork for intervention in Nato territory as false flag risks rise, experts warn

Read more: Donald Trump 'extends Iran war ceasefire' just hours before agreement was set to expire

“Criminal activity such as ransomware remains the most prevalent threat to the vast majority of organisations.

“But the majority of the nationally significant incidents that my teams are handling now originate directly or indirectly from nation states.

“We know that China’s intelligence and military agencies now display an eye-watering level of sophistication in their cyber operations.

“This, combined with their whole-of-state approach, means we face more than just a capable cyber threat but a peer competitor in cyber space.

“We know that Iran is almost certainly using cyber activity to support the repression of British individuals on our streets who are seen as a threat to the regime.

“And we know that Russia is taking the cyber lessons it has learnt in a theatre of war and is moving them beyond the battlefield.

“The tactics and techniques honed in conflict are now being directed at states it considers hostile.”

There is “sustained Russian hybrid activity targeting assets across the UK and Europe”, he is expected to say.

Earlier this month, hackers linked to Russia’s GRU military intelligence agency were blamed for exploiting a weakness in commonly used internet routers to steal users’ sensitive information.

The NCSC said the APT28 group, also known as Fancy Bear, had been able to redirect internet traffic to enable hackers to harvest people’s email login passwords and other data.

Dr Horne will tell the conference that businesses should be able to protect themselves against hacks and other cyber attacks without needing to pay ransoms to recover.

“Were we to be in, or near, a conflict situation, the UK would likely face hacktivist attacks at scale, with similar effects and sophistication to the ransomware attacks we see today, but no option to pay a ransom to help recover.

“Defending against that means every organisation embedding cyber security into their corporate mission, ensuring they understand the full extent of risk they face.”

Britain needs to embrace the use of AI as quickly as enemies use it to attack, he will say, and businesses need to plan for the future when quantum computers will be able to break commonly used encryption processes.

Dr Horne will tell delegates cyber security is a key part of defence amid increased international tensions.

“We are living through the most seismic geopolitical shift in modern history,” he will say.

“As Blaise Metreweli, the chief of MI6, said in December, our world is more dangerous and contested now than it has been for decades.

“We are operating in a space between peace and war. Let’s be clear, cyber space is part of that contest.”

CyberUK is the annual UK government cyber security conference.

Security minister Dan Jarvis will use his appearance at the conference to urge AI firms to work with the Government to build cyber-defence capabilities.

"We’ve already made the UK a top destination for AI investment and want to take this work a step further in a generational endeavour to protect the UK from a new era of threats,” he said.

Mr Jarvis will also announce £90 million of funding for small and medium-sized businesses to increase their security and urge firms to sign up to a voluntary cyber-resilience pledge committing to measures to protect themselves from hackers.