The UK is at risk of Russian cyber and physical sabotage attacks as Ukraine moves closer towards a peace settlement, the UK’s cyber chief has warned.
Richard Horne, CEO of the UK’s National Cyber Security Centre (NCSC), said intelligence reports revealed a “direct connection” between Russian cyber attacks and physical threats to the UK.
His warning follows assessments from MI5 that Russia is hiring freelance agents to conduct arson and other acts of sabotage in the UK.
Horne said intelligence assessments show that Russia will seek to use cyber espionage against Ukraine and its supporters, which include the UK, to gain a strategic advantage in its negotiating strategy.
“The Russian Intelligence Services have focused – amongst other activity – on waging acts of sabotage, often using criminal proxies in their plots,” he said.
“These threats are manifesting on the streets of the UK, against our industries and our businesses, putting lives, critical services and national security at risk,” he added.
Horne, speaking at the NCSC’s CyberUK conference in Manchester, said the role of the intelligence and cyber security community is not just about protecting systems, but about protecting people from harm.
In addition to Russia, the UK faces a heightened threat of cyber espionage from Iranian cyber actors, he said.
UK firms are also being targeted by North Koreans who disguise themselves as freelance third-country IT workers to bring in money for the regime.
Plausible deniability means our adversaries are normalising the use of cyber in pursuit of their geopolitical objectives, which may not align with our own Richard Horne, NCSC
Horne said hostile nations are operating in the “grey zone” and are using non-state actors to conduct cyber attacks and cyber espionage.
“Plausible deniability means our adversaries are normalising the use of cyber in pursuit of their geopolitical objectives, which may not align with our own,” he said.
Horne disclosed that the NCSC had managed more than 200 cyber incidents since September 2024, including twice as many “nationally significant incidents” as in the same period a year ago.
“Behind those numbers are people, our adversaries probing for weaknesses,” he added.
Disengagement with China not an option
Horne said China was the “pacing threat” in cyber security, and the country posed a risk to the UK through the state’s ability to require Chinese companies to cooperate by sharing intelligence with the Chinese government.
“The Chinese Communist Party’s strategic approach to capability, legislation and data means they have a vast ecosystem, entirely at their disposal,” he said.
“And the continued activity that we’re seeing come from the Chinese system remains a cause for profound and profuse concern,” he added.
The Chancellor of the Duchy of Lancaster, Pat McFadden, said in a speech this morning that China was well on the way to becoming a “cyber superpower” and was already a world leader in AI.
“As the world’s second largest economy, it’s deeply embedded in global supply chains and markets,” he said.
However, McFadden warned that the UK could not simply disengage with China, but needed to “engage with the world as it is”.
“We need to view China’s approach to cyber space with open eyes. Disengagement economically from China is not an option. Neither’s naivety.”
