Advertisement
Aviation Africa LB Aviation Africa LB

News

Articles

Information

Resources

Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide

Defence Security

NCSC Annual Review launched

Posted 11 December 2024
The National Cyber Security Centre (NCSC) launched its eighth Annual Review at its London headquarters last week, highlighting growing threats, including from state actors.

Image courtesy NCSC

In the Annual Review, the NCSC highlights the increasingly challenging online environment that the UK and its allies are navigating to ensure a safe and prosperous digital world for its citizens.

In his first major speech, Richard Horne (above), CEO of the NCSC since October 2024, emphasised the need for sustained vigilance in an increasingly aggressive online world.: “What has struck me more forcefully than anything else since taking the helm at the NCSC is the clearly widening gap between the exposure and threat we face, and the defences that are in place to protect us.

Advertisement
ADS S&P RT

“And what is equally clear to me is that we all need to increase the pace we are working at to keep ahead of our adversaries.

“The NCSC, as the National Technical Authority, has been publishing advice, guidance and frameworks since our inception, in a bid to drive up the cyber security of the UK. The reality is that advice, that guidance, those frameworks need to be put into practice much more across the board.

“We need all organisations, public and private, to see cyber security as both an essential foundation for their operations and a driver for growth. To view cyber security not just as a ‘necessary evil’ or compliance function but as a business investment, a catalyst for innovation and an integral part of achieving their purpose.

“Hostile activity in UK cyberspace has increased in frequency, sophistication and intensity. We see this in the intelligence we can access through being part of GCHQ. Actors are increasingly using our technology dependence against us, seeking to cause maximum disruption and destruction.

“Last week, the Chancellor of the Duchy of Lancaster warned about the aggression and recklessness of cyber activity we see coming from Russia. And with our partners, including at the NPSA, we can see how cyber attacks are increasingly important to Russian actors, along with sabotage threats to physical security, which the director general of MI5 spoke about recently.

“All the while, China remains a highly sophisticated cyber actor, with increasing ambition to project its influence beyond its borders.

“And yet, despite all this, we believe the severity of the risk facing the UK is being widely underestimated.

“There is no room for complacency about the severity of state-led threats or the volume of the threat posed by cyber criminals. The defence and resilience of critical infrastructure, supply chains, the public sector and our wider economy must improve.

“In the past year, we have seen crippling attacks against institutions that have brought home the true price tag of cyber incidents. The attack against Synnovis showed us how dependent we are on technology for accessing our health services. And the attack against the British Library reminded us that we’re reliant on technology for our access to knowledge.

“What these and other incidents show is how entwined technology is with our lives and that cyber attacks have human costs.” 

On the launch of the NCSC’s Annual Review, Chancellor of the Duchy of Lancaster Pat McFadden said: “As a nation, we must harness technology to drive growth and opportunity, without leaving ourselves vulnerable to the ever-growing threat from malicious cyber actors.

“The NCSC is at the centre of the Government's efforts to strengthen the cyber resilience of organisations and individuals.

“We must work alongside industry to meet the increasingly sophisticated challenges we face and make the UK the safest place to live and work online.”

Advertisement
ODU RT

State threat
Characterising the 2024 cyber threat landscape as “diffuse and dangerous”, the NCSC Annual Review notes a rising frequency of cyber incidents and a growing severity in their impact.

Over the past 12 months, the NCSC has observed how conflicts are fuelling a volatile threat landscape, including Russia’s deployment of destructive malware against Ukrainian targets, and routine attempts to interfere with the systems of NATO countries in support of its war effort.

China is described as a highly sophisticated and capable actor targeting a wide range of sectors. In February 2024, the NCSC co-signed an advisory on observed compromises of US Critical National Infrastructure (CNI) by Volt Typhoon and in March 2024 the UK government called out China state-affiliated actors for targeting democratic institutions.

Iran-based threat actors remain aggressive in cyberspace and the Democratic People’s Republic of Korea (DPRK) continues to prioritise raising revenue to circumvent sanctions and collect intelligence in its cyber activity.

Criminal threat
Ransomware is highlighted as the most pervasive cyber threat to UK organisations, highlighting the financially motivated ransomware attack on Synnovis, a supplier to the NHS, which had a significant impact on citizens.

Elsewhere, cyber criminals’ use artificial intelligence (AI) to increase the volume and heighten the impact of cyber attacks. In January 2024, the NCSC published an assessment of the near-term impact of AI on the cyber threat, highlighting how it can be used for reconnaissance, social engineering and analysis of exfiltrated data.

The Annual Review also notes an observation from the NCSC that the application of AI to cyber defence will exceed the uplift in any adversary capability or application.

Incidents
This year, the NCSC’s Incident Management team handled 430 incidents, compared to 371 the previous year. Of these, 347 involved some level of data exfiltration and 20 incidents involved ransomware.

The top sectors reporting ransomware activity into the NCSC this year were academia, manufacturing, IT, legal, charities and construction.

Elsewhere, the Incident Management team issued 542 bespoke notifications informing organisations to a cyber incident impacting them and provided advice and guidance on how to mitigate it. This was more than double the 258 bespoke notifications issued last year.

Almost half of the bespoke notifications sent this year related to pre-ransomware activity, enabling organisations to detect and remove precursor malware before ransomware was deployed.

NCSC Annual Review 2024
Take a look at the NCSC's Annual Review 2024, showcasing key developments and highlights between 1st September 2023 and 31st August 2024.

Advertisement
Aviation Africa LB Aviation Africa LB
Saab’s advanced UK manufacturing facility opened

Defence

Saab’s advanced UK manufacturing facility opened

5 February 2025

Saab UK's new advanced manufacturing facility in Fareham, Hampshire, has been officially opened by the Rt Hon Jonathan Reynolds MP, Secretary of State for Business and Trade, marking a milestone in the company’s continued growth.

Dstl trials bomb disposal robots

Defence Security

Dstl trials bomb disposal robots

5 February 2025

Robot dogs that can defuse explosives are set to revolutionise bomb disposal operations and significantly reduce the risk to military personnel, whether operating in the UK or overseas.

Kainos awarded MoD contract to drive DDAP

Defence

Kainos awarded MoD contract to drive DDAP

5 February 2025

The Ministry of Defence (MoD) has awarded Kainos a three-year contract worth £50 million to enhance and evolve its Defence Data Analytics Platform (DDAP), used to standardise data analytics in the MoD.

HRH The Princess Royal opens thermal imaging facility at Thermoteknix

Aerospace Defence Security Space Events

HRH The Princess Royal opens thermal imaging facility at Thermoteknix

4 February 2025

Her Royal Highness The Princess Royal opened a new electro-optics facility at Thermoteknix in Cambridge and presented the company with the King’s Award for Enterprise trophy for Innovation, in recognition of the company’s groundbreaking development in thermal imaging.

Advertisement
ODU RT
DSEI Germany event launched

Defence Events

DSEI Germany event launched

4 February 2025

Clarion Events Ltd have today announced the launch of DSEI Germany - organised by Deutsche Messe AG in partnership with Clarion, who organise the security and defence exhibitions DSEI UK and DSEI Japan - to be held for the first time 19th-22nd January 2027 at the Messegelände Hannover Exhibition Grounds.

Lockheed Martin approves use of SATF for F-35s

Defence

Lockheed Martin approves use of SATF for F-35s

4 February 2025

Lockheed Martin has approved the use of Synthetic Aviation Turbine Fuels (SATF) in the F-35 Lightning II, with the new fuel sources boosting readiness by reducing reliance on the extended supply chain.

Advertisement
Cranfield

News

Articles

Information

Resources

© 2025 Advance - All rights reserved

Website by Silkstream

The views expressed are not necessarily those of ADS or its members. No responsibility or liability is accepted by ADS, the editorial team or the publisher for any loss occasioned to any person, legal or physical, acting or refraining from action as a result of any statement, fact, figure, expression of opinion or belief contained within this site.

Advertisement
Aviation Africa LB Aviation Africa LB