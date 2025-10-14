UK saw 204 nationally significant cyberattacks in one year, more than double the previous count

Private sector targets like Jaguar Land Rover face major economic and operational disruption

NCSC urges top UK firms to take stronger action against ransomware threat

The United Kingdom is facing an unprecedented amount of “nationally significant” cyberattacks every week, the National Cyber Security Centre (NCSC) said in its 2024 annual review.

The review, set to be published today, states that the NCSC was called to assist with 429 attacks between September 2024, and late August 2025. Of these 429, 204 were labeled “nationally significant” representing a more than 100% jump compared to the 89 attacks with the same label in 2024.

If these figures weren’t alarming enough, the NCSC explained that out of the 204 attacks, 18 were “highly significant”, having a “serious impact on central government, UK essential services, a large proportion of the UK population, or the UK economy.”

Concrete action

Being “nationally significant” doesn’t necessarily mean “targeting the UK government” - the private sector is included as well, as long as the attack is large or disruptive enough.

One of the incidents mentioned is the attack on Jaguar Land Rover (JLR), which Lucas Kello, the director of the University of Oxford's Academic Centre of Excellence in Cyber Security Research, described as “more than a company outage” and “an economic security incident”.

“If disruption drags on for weeks or months, it imperils the government’s central growth mission. How can Britain achieve ‘the highest sustained growth in the G7’ if its top exporting sector stalls?” he asked.

Elsewhere in the review, the NCSC said it would urge chief executive officers and chairs of the country’s biggest organizations to “take concrete actions” to better defend their businesses from the rising threat.

Ransomware attacks, cyber-espionage, and Distributed Denial of Service (DDoS) attacks are rampant. Just earlier this week, threat actors known as Scattered Lapsus$ Hunters leaked sensitive data from more than 40 major businesses, as part of their Salesforce / Salesloft attacks. Besides JLR, other notable British businesses mentioned include Co-op and Marks & Spencer.

Via The Record

