State cyber threat rises
- UK cyber chiefs say the most serious attacks now originate primarily from Russia, Iran and China. - A separate report warns AI helps adversaries discover vulnerabilities faster than human teams can patch them. - Reports call for closer coordination between AI firms and government through bespoke programmes to strengthen national cyber defences. ( )
Britain’s cyber agency says the gravest attacks it now handles come mainly from Russia, Iran and China, not ordinary criminal gangs. (ncsc.gov.uk) Richard Horne, chief executive of the National Cyber Security Centre, was due to deliver that warning at CYBERUK in Glasgow on April 23, 2026. In prepared remarks, he said ransomware still hits the widest range of organisations, but “the majority” of nationally significant incidents his teams handle now are tied directly or indirectly to nation states. (insurancejournal.com, ncsc.gov.uk) The scale has risen fast. The National Cyber Security Centre said it handled 204 nationally significant attacks in the 12 months to August 2025, up from 89 a year earlier, with 18 classed as highly significant and serious enough to threaten essential services. (ncsc.gov.uk) A vulnerability is a flaw in software or hardware, like a bad lock on a front door. The National Cyber Security Centre said artificial intelligence is now helping attackers find and exploit those flaws faster and at larger scale, while defenders still have to patch real systems one by one. (ncsc.gov.uk, ncsc.gov.uk) In its latest assessment, the agency said AI will “almost certainly” increase both the volume and impact of cyberattacks over the next two years. A second report extending the forecast to 2027 said AI will make intrusions more effective and efficient, widen the gap between well-defended and poorly defended systems, and leave critical infrastructure more exposed if protections lag. (ncsc.gov.uk, ncsc.gov.uk) That warning lands as the UK government pushes cyber resilience higher up the political agenda. CYBERUK 2026 ran in Glasgow from April 21 to April 23, with more than 2,500 attendees from government, industry and academia and speakers from Google Cloud, Anthropic and allied cyber agencies. (ncsc.gov.uk, security.gov.uk) The UK has already moved beyond speeches in some cases. In December 2025, it sanctioned two China-based companies, i-Soon and Integrity Tech, and said China-linked firms had targeted more than 80 government and private-sector information technology systems worldwide. (gov.uk) Horne’s message in Glasgow was that the response cannot sit with government alone. His speech said the country needs to “embrace,” “secure” and “shape” AI so the technology strengthens defence before hostile states use it to widen the gap. (ncsc.gov.uk)
