Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors
Nation State reporting covers malware, threat actors, infrastructure, reported incidents, disruption efforts, and defensive guidance for organizations.
Search across headline titles and summaries.
Background for this topic.
Nation-state activity is cyber activity conducted, directed, or supported by a government, including espionage, disruption, or theft of sensitive information. The label can also cover suspected government-linked actors; attribution is often uncertain and may reflect intelligence assessment rather than publicly proven control.
For practitioners, reporting under this tag can indicate risks to government, critical-infrastructure, research, or strategic commercial networks, particularly through exposed systems, stolen credentials, or exploitation of unpatched vulnerabilities. Useful responses include prioritizing vulnerability remediation on internet-facing assets, enforcing strong authentication, limiting access to sensitive systems, and retaining logs that support investigation. Threat intelligence can help assess whether observed infrastructure or malware resembles activity associated with a state, but defensive decisions should rely on the technical evidence and the affected organization’s risk, not attribution alone.
Weekly headline count for the current query.
Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors
Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar
Team Cymru’s Stephen Campbell warned that small US defense contractors are not well prepared to face cyber intrusions through edge devices
The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns
Armis reveals that “mutually assured disruption” is no longer preventing state-backed attacks
Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle
The FBI outlines ten actions which organizations can take to defend networks against cybercriminal and nation-state threats
New IO study claims 88% of US and UK firms are concerned about state-sponsored cyber-attacks
Europe will likely face a combination of heightened cyber-physical attacks and information operations coming from nation-state groups in 2026
Cyber-related economic sanctions can alter adversary behavior, forcing underground networks to distance themselves from named actors
F5 has admitted a nation state actor has stolen source code and information on undisclosed vulnerabilities
Recorded Future highlighted the vast capabilities of state actors to rapidly weaponize newly disclosed vulnerabilities for geopolitical purposes
Microsoft has observed Russian state actor Secret Blizzard using an AiTM position to gain initial access, assisted by official domestic intercept systems
Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the SharePoint vulnerabilities
The US allege that the hacker stole critical COVID-19 research from universities at the behest of the Chinese government
Proofpoint has identified similarities between the tactics of a pro-Russian cyber espionage group and a cybercriminal gang
Sophisticated nation-state and cybercriminal groups are using insiders to infect targets via hardware devices, despite a lack of reporting of this threat
This is the first time Czech authorities have officially called out a nation-state over a cyber-attack
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004
Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes, according to Check Point