The National Crime Agency (NCA) has identified five key areas where cybercriminals are a threat to UK businesses and the public.
The organisation said the targeted compromise of UK networks to modify, delete or steal data to gain a competitive advantage was an increasing threat. This type of attack was also used by criminals to undermine user confidence, inflict reputational damage or to gain control of infrastructure.
It also said the UK will see an increase in use in targeted disruption of access to UK networks and services as DDoS protocols capable of launching powerful attacks against business critical systems grew in numbers. The NCA said ransomware attacks would increase and move from individuals to organisations.
The NCA forecasts that over the next three years there would be an increasing volume of cyber-dependent criminality, due to traditional' crime groups utilising the as-a-service' nature of the cybercrime marketplace. It warned that UK law enforcement had a limited capacity and capability to respond to such threats.
Support services critical to cyber-dependent crime success are increasingly being used by others, extending the gap between law enforcement and criminal capacity and capability, it said.
Another continual threat was from the large scale harvesting of personal and business data to commit fraud offences against UK individuals and organisations. The NCA said this would likely remain a constant threat with bespoke variants of malware and criminal tools targeting mobile tech likely to increase over the next 36 months.
"Over the last two decades, the internet and digital communications technology have steadily increased their penetration into all sectors of UK society and business. More and more government and public services are going online and it is likely that attempted cyber attacks against government services will increase," the report said.
"Awareness of how far cyber-enabled crime has permeated into local and regional serious and organised criminal groups is currently uneven," it added. "Criminals chase higher returns and seek to exploit less mature security measures, which makes cyber the leading channel for committing multiple types of economic crime."
-
How the UK MoJ achieved secure networks for prisons and offices with Palo Alto NetworksCase study Adopting zero trust is a necessity when your own users are trying to launch cyber attacks
-
Putting small language models under the microscopeITPro Podcast The benefits of small language models are undeniable – but they're no silver bullet
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Healthcare systems are rife with exploits — and ransomware gangs have noticedNews Nearly nine-in-ten healthcare organizations have medical devices that are vulnerable to exploits, and ransomware groups are taking notice.
-
Alleged LockBit developer extradited to the USNews A Russian-Israeli man has been extradited to the US amid accusations of being a key LockBit ransomware developer.
-
February was the worst month on record for ransomware attacks – and one threat group had a field dayNews February 2025 was the worst month on record for the number of ransomware attacks, according to new research from Bitdefender.
-
CISA issues warning over Medusa ransomware after 300 victims from critical sectors impactedNews The Medusa ransomware as a Service operation compromised twice as many organizations at the start of 2025 compared to 2024
-
Warning issued over prolific 'Ghost' ransomware groupNews The Ghost ransomware group is known to act fast and exploit vulnerabilities in public-facing appliances
-
The Zservers takedown is another big win for law enforcementNews LockBit has been dealt another blow by law enforcement after Dutch police took 127 of its servers offline
