The British government said Tuesday it had written CEOs advising them that they should put plans in place to revert to pen and paper in the event they suffer a major cyber attack that renders their IT systems inaccessible or inoperable. File Photo by Ritchie B. Tongo/EPA
British cybersecurity authorities said Tuesday the country was facing “nationally significant” attacks almost daily from hostile states or sophisticated criminal gangs in an escalation that has seen incidents more than double in the 12 months to August.
The number of attacks handled by the government’s National Cyber Security Center jumped sharply higher to 204, around four per week, up from 89 in the previous 12-month period, the agency said in a news release.
The center’s head, Richard Horne, urged businesses and organizations to take immediate action to protect themselves.
“Cyber security is now a matter of business survival and national resilience. With over half the incidents handled by the NCSC deemed to be nationally significant, and a 50% rise in highly significant attacks on last year, our collective exposure to serious impacts is growing at an alarming pace,” said Horne.
“The best way to defend against these attacks is for organizations to make themselves as hard a target as possible. That demands urgency from every business leader: hesitation is a vulnerability, and the future of their business depends on the action they take today.”
Horne, said it was also critical for every company and organization to have a plan for how they would keep running if their IT systems stopped working, or they were locked out, and how they would recover them quickly.
The warning came as senior government ministers wrote to business leaders telling them to keep hard copies of critical data after a string of attacks that crippled the operations of major retailers and shut down production lines for five weeks at Jaguar Land Rover, the country’s largest automaker, causing major disruption and costing billions of dollars.
“Not all cyberattacks can be prevented. A critical part of good governance is rehearsing how you would respond to a major incident. Please plan and exercise how you would continue operations and rebuild following a destructive cyber incident,” wrote the ministers.
“Recent high-profile cyber incidents show how attacks can seriously disrupt operations and damage profitability. In this increasingly hostile landscape, organizations recover better from incidents when they have planned for the worst and rehearsed their business continuity and recovery,” they said.
The letter urges businesses to immediately implement a three-point plan, including making cybersecurity a priority at the board level, signing up to the NCSC’s free early warning alert system to enable them to catch incidents before they escalated and require suppliers have systems in place to prevent common cyber attacks.
“Cyber resilience is a critical enabler of economic growth, so getting this right will promote growth and foster a stable environment for investment and innovation,” adds the letter, which was signed by Chancellor Rachel Reeves, Science Secretary Liz Kendall, Business Secretary Peter Kyle and Security Secretary Dan Jarvis.
The JLR attack targeting the retail and production operations came after attacks on Marks & Spencer in April and The Cooperative in May, two of Britain’s largest retailers. Marks & Spencer said the attack would cost it about $405 million in lost profits this year.
Co-op customers’ personal data was stolen and the firm was unable to stock shelves properly.
However, a hacker group claiming it was behind the attack complained to the BBC at the time that Co-op was able to limit the damage and avoid being locked out of its systems by “pulling out the plug,” shutting its IT infrastructure down entirely.
“Co-op’s network never ever suffered ransomware. They yanked their own plug — tanking sales, burning logistics, and torching shareholder value,” said the hackers.
Experts said the tactic caused significant damage but helped the company avoid even more damaging, long-term impacts.
The attacks were among several cyber and ransomware attacks targeting many European organizations over the summer, including courts, hospitals, NGOs and airports in Brussels, Berlin, Dublin and London.
In 2024, then-British Deputy Prime Minister Oliver Dowden said entities linked to the ruling Chinese Communist Party were behind the hacking of the personal data of 40 million U.K. voters and cyberattacks on MPs critical of China.
The attack on the systems of the Election Commission in London went undetected for more than a year after it took place in 2021.
The commission insisted that the attack had not affected any election or any individual’s democratic rights.
