Cyber attack
Source: Canva

The United Kingdom has warned that the country is facing an intensifying wave of cyber threats, with officials saying that the most damaging attacks on the country are linked to state-backed actors rather than from criminal hackers.

Speaking at the CyberUK conference, National Cyber Security Centre (NCSC) chief Richard Horne said the agency is now handling around four 'nationally significant' cyber incidents each week, which officials say are being carried out by hostile states - primarily Russia, China, and Iran.

While Horne acknowledged that ransomware remains the most common problem, he underscored that cyber threats that 'directly or indirectly' come from these nations posed more serious challenges and severe risks to national security, business, and critical infrastructure.

Horne Warns of 'Hacktivist Attacks' At Scale

Cyber actors
Supply chain attacks pose a significant threat as they can impact multiple organisations through one initial compromise Photo by Tima Miroshnichenko/Pexels

Beyond direct state activity, Horne warned that if the UK is involved in a conflict, the UK could face 'hacktivist attacks at scale', which could disrupt services without the typical recovery options available in ransomware cases.

Russia, China, and Iran: Distinct But Converging Threats

Each of the three countries named by UK officials has different strengths and reasons for being involved in cyber activities.

Horne said China's intelligence and military agencies display an 'eye-watering level of sophistication in their cyber operations'. Russia, drawing on its experience in conflicts such as Ukraine, has expanded its cyber operations across Europe, targeting infrastructure like energy systems and utilities, The Independent reported.

Iran, on the other hand, has been linked to a cyber campaign 'to support the repression of British individuals on our streets who are seen as a threat to the regime', Horne added.

Incidents of Cyberattacks Reported in the UK and Other Parts of Europe

Earlier this month, hackers tied to Russia's GRU used a flaw in common internet routers to steal private information.

In March, as the US and Israel started their war on Iran, the NCSC said that British organisations were targeted by indirect cyber threats, particularly those who have a presence in the Middle East, The Record reported.

Other European countries have also reported cyberattacks from these hostile nations, including Sweden, which reported that a pro-Russian group with ties to the country's security and intelligence services was to blame for a cyberattack on a heating plant last year.

In addition, Norwegian authorities also linked to Russia a hack incident in April 2025, which affected water flows from a dam, a report from The Associated Press said.

Government Response and Call for Stronger Cyber Resilience

Amidst these rising cyber threats, the UK government is urging both public and private sectors to strengthen their cyber defences.

'Defending against that means every organisation embedding cybersecurity into their corporate mission, ensuring they understand the full extent of risk they face', Horne said.

At the same conference, Security Minister Dan Jarvis announced a £90-million ($121.4-million) investment package and a new Cyber Resilience Pledge aimed at strengthening cybersecurity and providing support for small and medium-sized firms, Reuters reported.

As cyberattacks increasingly target supply chains and private enterprises, resilience across the entire economy is seen as essential, and that cyber defence should be considered as a shared national responsibility.

Writer's pick