NCSC: 100 Nations Have Purchased Cyber Intrusion Technology, UK Faces 'Perfect Storm'
UK intelligence reveals doubling of nationally significant cyberattacks as China and AI threats escalate
Auf einen Blick
- The UK National Cyber Security Centre has revealed that approximately 100 countries have procured cyber intrusion software, marking a significant drop in barriers for states to access such technology.
- Speaking ahead of the CYBERUK conference in Glasgow, chief executive Richard Horne warned of a cybersecurity 'perfect storm' driven by nation-state attackers and frontier AI, with nationally significant attacks on Britain doubling in a single year.
KI-generierte Zusammenfassung
Warum es wichtig ist
Commercial spyware has become a booming market over the past two decades, with products like NSO's Pegasus and Intellexa's Predator used to target journalists and political dissidents. The scope of targets has expanded beyond activists to include bankers and wealthy executives.
GLASGOW — More than half of the world's nation states are believed to have purchased technology that could be capable of hacking into Britain's infrastructure, companies and private networks, U.K. intelligence has found. The U.K. National Cyber Security Centre — which is part of the GCHQ intelligence agency — believes around 100 countries have procured cyber intrusion software, suggesting the barrier for states to get their hands on the technology is dropping, the agency told POLITICO ahead of a discussion about its findings at its CYBERUK conference in Glasgow Wednesday.
Commercial hacking technology, often referred to as spyware, has become a booming market over the past two decades. Products such as NSO's Pegasus and Intellexa's Predator have been used to target journalists and political dissidents across the world. The NCSC said the scope of spyware targets has "expanded" in recent years, with bankers and wealthy executives increasingly under attack.
U.K. cyber officials and government ministers will also use the CYBERUK conference to highlight a doubling in the number of nationally significant cyberattacks on Britain in a single year, pointing out the majority of incidents are now linked to attackers from nation states, rather than criminal gangs.
Richard Horne, the agency's chief executive, will say companies that don't see cybersecurity as a priority are "no longer just naïve," but are "failing to grasp the reality of today's world," according to pre-released extracts of his speech. Countries such as China possess an "eye-watering level of sophistication" to attack other nations, he will add, warning the U.K. faces a cybersecurity "perfect storm."
Mythos threat
Chief among the threats is the emergence of frontier AI technology, which Horne will warn is "rapidly enabling discovery and exploitation of existing vulnerabilities at scale." Earlier this month, the AI company Anthropic released details of its new Mythos model, which its researchers claim is too dangerous to be released due to its alleged ability to allow members of the public to "find and exploit sophisticated vulnerabilities" in systems. Its capabilities have prompted widespread concern, and even panic, from security experts.
Britain's National Protective Security Authority (NPSA) — a part of the MI5 intelligence agency — has contacted companies running U.K. critical infrastructure such as nuclear energy, water, and telecoms to highlight the emerging threat.
U.K. Security Minister Dan Jarvis will use his speech at the conference on Wednesday to call for AI companies to become more involved in Britain's cyber defenses, arguing cooperation could ensure Britain has the capability to protect its most critical networks by "autonomously identifying and addressing vulnerabilities at a speed and scale no human can match." Building this tool is a "generational endeavour" that will "test the absolute limits of our engineering and innovation," Jarvis will say.
Worauf zu achten ist
KI-Ausblick — Möglichkeiten, keine Fakten
More nations will be publicly attributed to specific cyberattacks against UK infrastructure in coming months
Sehr wahrscheinlich · Innerhalb von Monaten
UK government will announce formal partnership with AI companies for cyber defense development
Wahrscheinlich · Innerhalb von Monaten
Additional critical infrastructure companies will receive threat briefings from NPSA
Sehr wahrscheinlich · Innerhalb von Wochen
Offene Fragen
- Which specific countries besides China pose the greatest threat?
- What are the exact attack vectors being used?
- How will AI companies respond to the government's call for cooperation?
- What specific vulnerabilities in UK infrastructure have been identified?






