NCSC: Supply Chains at Risk Amid Growing Cyber Threat

The UK is confronting a sharp increase in cyber threats, with the National Cyber Security Centre (NCSC) warning that cybersecurity is now a matter of national resilience.
The growing sophistication of attacks has serious implications for supply chains and the critical infrastructure they support.
According to the NCSC’s Annual Review 2025, the NCSC managed 429 incidents in the last year, with 204 deemed nationally significant. This figure is more than double the 89 recorded in the previous 12 months.
Of the total incidents, 18 were classified as “highly significant”, indicating their potential to disrupt essential services like government operations, energy supply and healthcare infrastructure.
Dr Richard Horne, Chief Executive of the NCSC, describes cybersecurity as “a matter of business survival and national resilience.” He urges organisations of all sizes to treat cyber-preparedness as a boardroom priority.
“With nearly half the incidents handled by the NCSC deemed to be nationally significant and a 50% rise in highly significant attacks on last year, our collective exposure to serious impacts is growing at an alarming pace.
“The best way to defend against these attacks is for organisations to make themselves as hard a target as possible. That demands urgency from every business leader: hesitation is a vulnerability...the time to act is now.”
Vulnerabilities across the supply chain
The expanding attack surface is a direct result of increased connectivity. In supply chains, the integration of Internet of Things (IoT) devices in manufacturing, logistics and other critical operations has introduced new vulnerabilities.
Toby Gasston, Principal Product Manager at Wireless Logic, says: “The UK being under near-constant cyber attack comes as no surprise. As industries digitise, their most critical functions increasingly depend on connected devices and IoT infrastructure. This growing reliance expands the threat surface and demands a new level of vigilance.
“From energy and healthcare to retail and manufacturing, connected devices now form the backbone of daily operations. They control heating and power, monitor patients and optimise production lines.
“Yet many still sit outside traditional IT perimeters, creating blind spots where attackers can move unseen.”
The evolution of ransomware threats
Ransomware remains a primary threat to operational continuity. Financially motivated groups and state-backed actors from China, Russia, Iran and North Korea are exploiting weaknesses in supply chains and cloud services.
Pierre Noel, Field CISO EMEA at Expel, adds: “Ransomware has rapidly evolved from opportunistic encryption attacks into highly-professionalised ecosystems. Currently, ransomware groups operate like SaaS businesses, complete with subscription tiers, dashboards and user support.”
Pierre highlights the prevalence of identity-based attacks, explaining: “Identity-based attack attempts dominate, accounting for 67.6% of the incidents our Security Operations Centre (SOC) handled in Q2 2025 for our customers.
“Alarmingly, 13.8% of observed threats were non-targeted malware, highlighting that even indiscriminate campaigns can cause devastating damage when organisations lack basic cyber hygiene.”
Engineering security into partnerships
The consensus is that security can no longer be a reactive measure. It must be a foundational component of systems, processes and partnerships throughout the supply chain.
Dolores Saiz, CEO of cloud consultancy The Server Labs, says the NCSC review should serve as a wake-up call.
“The 50% rise in cyber attacks is a stark reminder that no organisation is immune,” she adds.
“Security can’t be an afterthought or a reaction to a breach; it has to be engineered into the very fabric of every system, every process and every partnership.”
This proactive stance involves moving beyond piecemeal protection toward built-in resilience.
Toby concludes: “Secure-by-design connectivity, supported by strong authentication, anomaly detection and continuous visibility, ensures every device on a network is identifiable and protected from compromise.
“It’s the only sustainable way to safeguard the UK’s connected economy against the kind of large-scale disruption the NCSC is warning about.”

