NCSC warns of 'perfect storm' attacks

Britain’s cyber agency said on April 22 that the UK is entering a cyber “perfect storm” shaped by artificial intelligence, geopolitical conflict and more state-linked attacks. (ncsc.gov.uk) Richard Horne, chief executive of the National Cyber Security Centre, delivered the warning in a keynote speech at the CYBERUK conference in Glasgow. He said the majority of the nationally significant incidents the agency now handles originate directly or indirectly from nation states. (ncsc.gov.uk 1) (ncsc.gov.uk 2) Horne said cyberspace now sits “between peace and war,” with Russia applying lessons from its invasion of Ukraine beyond the battlefield. Reuters reported that he also pointed to Russia, Iran and China as the main hostile-state threats facing Britain. (ncsc.gov.uk) (usnews.com) The warning is not about one malware strain or one breach. It is about a broader shift in which cheap disruptive attacks, state pressure and new AI tools can combine into waves of incidents that are harder to predict and harder to contain. (ncsc.gov.uk 1) (ncsc.gov.uk 2) The National Cyber Security Centre has already spent months warning about Russian-aligned hacktivist groups targeting UK organizations, especially local government and critical national infrastructure operators. In a January 19 alert, it said those groups were trying to disrupt networks and disable online services with denial-of-service attacks. (ncsc.gov.uk) In a related December 2025 joint advisory with U.S. and allied agencies, officials named groups including NoName057(16), Cyber Army of Russia Reborn, Z-Pentest and Sector16. The advisory said they had used exposed remote-access systems and other weak points to hit critical infrastructure in the United States and other countries. (cisa.gov 1) (cisa.gov 2) The scale of the backdrop is already visible in the numbers. The NCSC said it handled 204 nationally significant cyber attacks in the 12 months to August 2025, up from 89 the year before, and 18 of 429 total incidents were classed as highly significant. (ncsc.gov.uk) Horne’s message to businesses was that cyber defense can no longer sit only with information-technology teams. He said boards and senior executives need to treat security as part of the organization’s mission as AI expands the range of systems that can be attacked. (ncsc.gov.uk) (ncsc.gov.uk) For Britain, the immediate ask is not abstract. The agency is telling organizations to harden denial-of-service defenses, review supplier responsibilities, protect operational technology and prepare for attacks that may be politically motivated rather than financially driven. (ncsc.gov.uk) (ncsc.gov.uk) The thread running through all of the guidance is that the UK no longer sees major cyber disruption as a remote scenario. Its cyber chief is warning that the conditions for it are already in place. (ncsc.gov.uk)