The UK will be hit by the most serious type of cyber emergency at some point, an intelligence chief has warned, as it emerged that a specialist unit is repelling more than 10 attempted attacks every week.
Ciaran Martin, head of the National Cyber Security Centre, said he had little doubt it would have to deal with a “category 1” case in the future.
The bracket covers incidents that result in severe economic or social consequences, or loss of life.
On Tuesday the NCSC will publish a report that lays bare the scale of the danger it is confronting, with “hostile states” said to be responsible for the bulk of thwarted strikes.
Since it became fully operational two years ago, the centre’s frontline teams have dealt with 1,167 cyber incidents.
Mr Martin, the NCSC’s chief executive, said: “The majority of these incidents were, we believe, perpetrated from within nation states in some way hostile to the UK.
“They were undertaken by groups of computer hackers directed, sponsored or tolerated by the governments of those countries.
“These groups constitute the most acute and direct cyber threat to our national security.
“I remain in little doubt we will be tested to the full, as a centre, and as a nation, by a major incident at some point in the years ahead, what we would call a category 1 attack.”
The NCSC defines a category 1 incident as a national cyber emergency, which causes “sustained disruption” of essential services or affects national security, leading to severe economic or social consequences or to loss of life.
Although there have been several “very significant” incidents, Mr Martin said the UK has so far avoided a category 1 event.
He added: “But even if this continues, we must be alert to the constant threat from countries who will attack critically important national networks to steal information for strategic or commercial reasons, and give themselves a starting point - ‘pre-positioning’ - for a significant attack in the future.”
The assessment comes less than a fortnight after Britain accused the GRU, the Russian military intelligence service, of being behind a campaign of cyber attacks targeting political institutions, businesses, media and sport.
Mr Martin stressed there is “much, much more” to the cyber security threat faced by the UK than just Russia.
While nation state activity represents the most acute threat, he said, low-sophistication but high-volume cyber crime is the “most chronic” one.
The NCSC launched the Active Cyber Defence initiative to protect the UK from “high-volume commodity attacks” that affect people’s everyday lives.
Since its introduction, the UK share of visible global phishing attacks dropped from 5.3% to 2.4%, according to the report.
The NCSC, which is part of intelligence agency GCHQ, was established to spearhead efforts to counter the mounting danger from cyber criminals and hostile states.
GCHQ director Jeremy Fleming said the NCSC has become a “world-leading organisation” and thanked its staff for their “outstanding work”.
He added: “Whether that’s thwarting the growing cyber threat from hostile nation states, providing excellent incident management services to large and small businesses, or pushing the boundaries of research and innovation, the NCSC operates on the front line of efforts to keep us all safe online.”
Minister for the Cabinet Office David Lidington said the NCSC has “more than risen” to the challenge of delivering ambitious proposals set out in the Government’s national cyber security strategy