15 October 2025

UK Warns Firms As Cyber-Attack Threats Surge

Government urges companies to keep offline contingency plans as highly significant cyber-attacks double, disrupting major retailers and critical services.

In a stark warning to businesses large and small, the UK government and its security services are urging organizations to prepare for the possibility of their digital operations grinding to a halt due to a cyber-attack. In a move that feels almost retro in today’s hyper-connected world, chief executives have been advised to keep physical, pen-and-paper copies of their cyber-attack contingency plans, ensuring that critical information is accessible even if screens go blank and networks fall silent.

This advice, issued on October 13, 2025, comes as the National Cyber Security Centre (NCSC) reports a dramatic surge in the scale and impact of cyber incidents across the country. According to the BBC, the NCSC dealt with 429 cyber incidents in the first nine months of 2025. While this figure is similar to last year’s tally, the real story lies in the severity of these attacks: 204 were classified as “nationally significant,” more than doubling from 89 such incidents the previous year. Eighteen of these were deemed “highly significant,” marking a 50% increase and the third consecutive annual rise in this top category.

“Highly significant” attacks, as outlined in the NCSC and UK law enforcement categorization model, are those with a serious impact on government, essential services, the economy, or the mass population. These are not abstract threats—recent victims include household names like Marks and Spencer, The Co-op, and Jaguar Land Rover. Shoppers have faced empty shelves, while production lines at major manufacturers have ground to a standstill, all because hackers managed to take key computer systems offline.

Senior government officials are treating this as a “call to arms.” As reported by The Guardian, Chancellor Rachel Reeves, Security Minister Dan Jarvis, and the technology and business secretaries, Liz Kendall and Peter Kyle, have written to leaders of hundreds of the UK’s largest companies. Their message is clear: cyber resilience cannot be an afterthought—it must be a board-level responsibility. Hostile cyber-activity, they warn, has become “more intense, frequent and sophisticated.”

Anne Keast-Butler, the director of GCHQ, put it bluntly: “Don’t be an easy target. Prioritise cyber risk management, embed it into your governance and lead from the top.”

So, what’s driving this rise in cyber-attacks? The answer is multifaceted. Ransomware remains the main culprit, with criminal gangs—many based in Russia or former Soviet states—using extortion tactics to demand hefty payments in cryptocurrency. The NCSC’s annual review also points to the growing threat from state actors, naming China, Russia, Iran, and North Korea as the principal sources of “highly sophisticated” or “capable and irresponsible” attacks. Russia, in particular, is said to inspire informal “hacktivists” who are targeting the UK, the US, and NATO allies.

But the danger isn’t only international. There’s been a resurgence of teenage hacking gangs operating in English-speaking countries. Seven teenagers have already been arrested in the UK this year for their roles in major cyber-attacks, including two 17-year-olds in Hertfordshire allegedly behind a ransomware attack on the Kido nursery chain, which compromised children’s data.

The impact of these attacks can be devastating. One of the most serious incidents last year targeted a blood testing provider in London, causing major clinical disruption and, tragically, contributing to at least one patient death. The NCSC has declined to specify the categorization of this incident, but it stands as a grim reminder that cyber-crime isn’t just about lost data or financial loss—it can have real-world, even fatal, consequences.

Richard Horne, chief executive of the NCSC, has seen the fallout from these attacks up close. “We do see our attackers improving their ability to cause real impact, to inflict pain on the organisations they have breached and those who rely on them,” he said, as quoted by The Guardian. “They don’t care who they hit or how they hurt them. That is why we need all organisations to act.” Horne also highlighted the emotional toll on victims: “I’ve sat now in too many rooms with individuals who have been deeply affected by cyber-attacks against their organisations … I know the impact the disruption has on their staff, suppliers and customers, the worry, the sleepless nights.”

Adding to the complexity, hackers are increasingly harnessing artificial intelligence to sharpen their operations. While the NCSC has yet to encounter a major attack fully initiated by AI, it warns that “AI will almost certainly pose cyber-resilience challenges to 2027 and beyond.” The landscape is evolving fast, and defenders must keep pace.

Recognizing the scale of the threat, the government is not just offering warnings but also practical support. Organizations are being urged to take advantage of free tools and services from the NCSC, including cyber-insurance for small businesses that complete the Cyber-Essentials programme. This is meant to help level the playing field for firms that might lack the resources of larger corporations.

Paul Abbott, who ran the Northamptonshire transport firm KNP until a ransomware attack in 2023 forced its closure, knows firsthand the importance of preparation. “We were throwing £120,000 a year at [cyber-security] with insurance and systems and third-party managed systems,” Abbott told BBC Radio 5 Live. Now, he emphasizes security, education, and—perhaps most critically—contingency planning. “The call for pen and paper might sound old-fashioned, but it’s practical.”

Graeme Stewart, head of public sector at cyber-security firm Check Point, echoed this sentiment. “You wouldn’t walk onto a building site without a helmet—yet companies still go online without basic protection,” he said. “Cybersecurity needs to be treated with the same seriousness as health and safety: not optional, not an afterthought, but part of everyday working life.”

The NCSC’s annual review, as reported by both the BBC and The Guardian, underscores that while the total number of cyber incidents may not have skyrocketed, the stakes have never been higher. The UK and its allies have had to counter Russian military cyber-units, issue warnings about China-linked campaigns targeting thousands of devices, and sound the alarm over Iranian cyber-actors. Meanwhile, society’s growing reliance on technology means there are simply more targets for hackers to exploit.

For now, the government’s message is clear: plan for the worst, hope for the best, and don’t let digital convenience lull you into complacency. A little bit of old-school thinking—pen, paper, and practical preparation—could make all the difference when the next attack hits.