The UK’s National Cyber Security Centre (NCSC) reported 204 “national significant” cyber incidents between September 2024 and August 2025, according to the agency’s latest Annual Review 2025, published on October 14.
This is the highest-ever number and represents an 130% increase compared to the previous year, when UK organizations faced 89 incidents of such high impact.
In total, the NCSC received 1727 incident tips in the latest reported period, with 429 of those elevated to cyber incidents which required the agency’s support.
The 204 incidents characterized as “nationally significant” fell into one of the top three cyber-attack categories used by the NCSC and UK law enforcement.
While no incidents of cyber “national emergency” (Category 1) were reported, the NCSC helped UK organizations with 18 “highly significant incidents” (Category 2) over the reported period – a rise from the 12 recorded in the previous period.
These incidents were categorized as such because had a serious impact on central government, UK essential services, a large proportion of the UK population or the UK economy.
The NCSC Annual Review 2025 did not specify which cyber incidents fell into this category.
However, an introduction to the report penned by Anne Keast-Butler, Director of the NCSC’s parent agency, the Government Communications Headquarters (GCHQ), mentioned recent cyber-attacks on Marks & Spencer, the Co-op Group and Jaguar Land Rover as “high-profile attacks” that “serve as a stark reminder that the cyber threat is not just an abstract concept but a real one with real-world costs.”
Cybersecurity: A Matter of Business Survival
Richard Horne, the NCSC’s chief executive, delivered a speech at the Annual Review 2025 launch event on October 14 at NCSC headquarters in London.
In the address to UK businesses, he warned: “The time to act is now. […] Cybersecurity is now a matter of business survival and national resilience. With over half the incidents handled by the NCSC deemed to be nationally significant, and a 50% rise in highly significant attacks on last year, our collective exposure to serious impacts is growing at an alarming pace.”
Horne also emphasized that attackers are improving their ability to cause real impact and remain indiscriminate as to who they target.
However, he explained that beyond the headline-grabbing cyber-attacks and rising number of high-impact cyber incidents, there are many more success stories.
“Now it would be easy to look at these numbers, and think we’re under siege, that we should hold up our hands and admit defeat… but that is not the case. We know that far more cyber-attacks fail than succeed. That is not by chance. It’s because organisations have built good defences. We are also seeing more organizations able to continue in the face of an attack that does break through because they were prepared,” he will add.
“The best way to defend against these attacks is for organizations to make themselves as hard a target as possible. That demands urgency from every business leader: hesitation is a vulnerability, and the future of their business depends on the action they take today,” he will conclude.
Read more: UK Cyber Essentials Certification Numbers Falling Short
