The head of the National Cyber Security Centre has warned that a major cyber-attack is a matter of “when, not if”.

Ciaran Martin said the UK has so far avoided a category one attack, defined as an attack that might cripple infrastructure. During an hour-long interview with the Guardian, Martin said he anticipated such an attack in the next two years.

“I think it is a matter of when, not if and we will be fortunate to come to the end of the decade without having to trigger a category one attack.

Most comparable western countries have experienced what we would consider a category one attack so we have been fortunate in avoiding that to date.

What we have seen over the past year or so is a shift in North Korean attack motivation from what you might call statecraft – disrupting infrastructure – through to trying to get money through attacks on banks but also the deployment of ransomware, albeit in a way that didn’t pan out in the way the attackers wanted to.”

The last major attack was the WannaCry ransomware that crippled NHS, this was a category two attack. Similarities were spotted between this cyber-attack and code used by a group with links to the North Korean government say Kaspersky and Symantec.

The companies said that technical details within an early version of the WannaCry code are similar to code used by the government-linked North Korean hackers, Lazarus Group.

The attack that hit the NHS brought to light a global ransomware infection, hitting 75,000 computers in 99 countries, demanding ransom payments in 20 languages.

Ransomware is computer malware that installs covertly on a victim’s device that either mounts the cryptoviral extortion attack from cryptovirology that holds the victim’s data hostage, or mounts a cryptovirology leakware attack that threatens to publish the victim’s data, until a ransom is paid.


  1. This is a new terror using technology. If man invents new systems there is always the downside of exploitation from sex, to international cyber attacks on World commerce. Killing innocent people by cyber is now a reality, and could result in thousands if not millions of lives in the long term.
    Maybe, the only way to respond is to develop more sophisticated firewalls for defence, and create offensive cyber systems to take out the attackers? A major cyber hit on any society is an act of war, if it results in deaths. Where the nuclear club is modest membership and has proved to be an effective mutual deterrent, a cyber attack can be generated from anywhere, even a backwater country. In some ways, a cyber attack is the equivalent of a dirty bomb, in terms of it being a less costly delivery into the heart of our lives. Currently, cyber attacks are a critical threat to World peace, and some serious work is needed to ensure such activity is quickly curtailed, before it all turns foul.

    • i honestly think that netflix going down for an hour, or your tv going haywire for a day, or a blocked mobile is not as big a problem as they make out – another excuse to make money for cyber services

  2. “a matter of “when, not if””

    No, it’s a matter of when it’s triggered, not when it comes here – it’s here already.

  3. Agree

    We desperately need our own large cyber force and these people need to be embedded into a single force structure.

    The thing that this post misses – is that everything is now integrated, there isn’t a real need for separate forces for air, land, sea and cyber as ultimately our enemies will use a combination of all to implement their plans.

    Russia and China are leading the way here in how to maximise the value of integrating the whole force and it is just a matter of time and I fear the UK is woefully under prepared (but could be wrong).

    Cyber is the new Blitzkrieg – it has elevated the use of technology to have a far greater impact when working alongside more conventional means than the components on their own.

  4. The UK Armed Forces got hit previously by Confiker which was a major wake up call. As with anything the after action debrief meant we learn t a lot about the fragility of systems, cross system infection and how the loss of apparently inconsequential admin systems had unforeseen effects on operational capability. Those lessons learnt have been applied to the IT systems.

    On the plus side I had no email for over a week…which meant I could GOYA ( Get off your Arse) and walk the patch and talk to people instead of having to answer pointless emails. The loss of admin systems meant everything went old school again…Writing (yes writing with a pen) memos and briefs, snowpace on old forms and photo copying them,… it was actually quite refreshing until they patched the systems and gave them the all clear…then the worlds supply of emails arrived in my inbox and it was back to reality.


Please enter your comment!
Please enter your name here