The UK government will pass legislation compelling companies providing IT services to critical national infrastructure to improve their cyber defenses after a wave of attacks by Russia, China, Iran and North Korea.
As many as 1,000 firms will fall under the scope of a new law aimed at improving national resilience from cyberattacks, to be introduced later this year, the Department for Science, Innovation and Technology said in an emailed statement.
“Attempts to disrupt our way of life and attack our digital economy are only gathering pace, and we will not stand by as these incidents hold our future prosperity hostage,” Technology Secretary Peter Kyle said in the statement.
The Cyber Security and Resilience Bill is seen as a priority by Prime Minister Keir Starmer’s administration after a spate of attacks, including one last summer on Synnovis, a provider of pathology services to the National Health Service, which resulted in thousands of delayed medical appointments.
That attack paralyzed hospitals and clinics in London resulting in harm to dozens of patients, leading to long-term or permanent damage to their health in at least two cases, Bloomberg previously reported. The UK last year blamed China for hacks on the Electoral Commission and on the Ministry of Defence payroll system. China denied both.
UK Fears Chinese Hackers Compromised Critical Infrastructure
Ministers are exploring additional measures that would allow Kyle to direct individual companies to take steps to protect themselves from hacks and threats to supply chains, the department said. New protections for data centers will also be proposed.
Cyberattacks cost the UK economy some £22 billion ($28 billion) a year, with 50% of British businesses suffering a breach or attack in the last 12 months, according to the government.
Richard Horne, the head of the UK’s National Cyber Security Centre, warned in December that there was a “clearly widening gap between the exposure and threat we face, and the defenses that are in place to protect us.”
Russia, China, Iran and North Korea were previously named as “threat actors” by the NCSC, a branch of Britain’s national security listening post GCHQ. British officials have expressed particular concerns at Chinese state actors making widespread efforts to access the country’s critical infrastructure networks, with such attacks described as systemic and going beyond publicly-known hacks.
“We all need to increase the pace we are working at to keep ahead of our adversaries,” Horne said.
Photo credit: Jason Alden/Bloomberg
Related:
Topics Cyber
Was this article valuable?
Here are more articles you may enjoy.
Verisk Buy of Nasdaq Subsidiary Gains Access to Hundreds of Catastrophe Models 
More Tort Reform: Georgia Lawmakers Put Limits on Litigation Financing 
Macy’s to Claw Back Executive Bonuses Due to Accounting Scandal 
Federal Judge Orders Halt to Trump Administration Efforts to Dismantle CFPB 
