Major cyber attack on UK a matter of 'when, not if'

The head of the National Cyber Security Centre has warned that a major cyber attack on the UK is a case of ‘when, not if’.

Speaking to the Guardian, Ciaran Martin said that the UK had been fortunate to avoid a so-called category one (C1) attack, broadly defined as an attack that might cripple infrastructure such as energy supplies and the financial services sector. However, he also said that he anticipated such an attack in the next two years.

Through to December last year, the National Cyber Security Centre recorded 34 C2 attacks, with WannaCry the most disruptive of these, and 762 slightly less serious C3 ones. The most serious cyber attack on the UK so far has been the WannaCry ransomware attack in May 2017, classified as only C2 rather than C1, that disrupted hospitals.