Britain issues warning of potential cyber-retaliation
In the face of growing concerns about cyber threats, the UK government is taking decisive action to bolster its defence and offensive capabilities. The primary focus of these efforts is to counter threats from state-aligned adversaries such as Russia, Iran, China, North Korea, and India, as well as hackers from allied countries like India.
By late 2025, the UK is expected to activate its Cyber and Electromagnetic (Cyber EM) Command, a new command that will consolidate efforts to defend the country against daily cyber attacks. This command forms part of the UK’s Strategic Command and will integrate cyber and electronic warfare capabilities crucial for modern integrated military operations.
The 2025 Strategic Defence Review (SDR) places a significant emphasis on the cyber and electromagnetic domains as critical to national defence. The SDR states that "the first blows of any conflict will likely be struck in this invisible battlefield," advocating for a revitalised defence industrial strategy and the raising of a Digital Warfighting Group to boost offensive and defensive cyber operations.
The UK government openly commits to using offensive cyber operations to retaliate against attacks. This includes the National Cyber Force (NCF), a key offensive actor capable of retaliatory and deterrent cyber actions. Public attribution of attacks is used to raise the cost for adversaries such as Iran.
A dedicated National Cyber Strategy is due to be published later in 2025, outlining comprehensive cybersecurity resilience and offensive approaches. This includes a Cyber Security and Resilience Bill targeting a broad spectrum of risks, signalling a long-term government commitment to strengthening cyberspace defence and offensive deterrence.
The UK’s cyber industry is expanding rapidly, driven by innovation and strategic partnerships. This underpins the government’s capability by fueling advances in protective monitoring, encryption, AI, and quantum technologies which are relevant both for defence and offensive cyber capacities.
The UK has banned state institutions from paying ransoms to cybercriminals and has actively developed its offensive cyber capabilities. This was underscored by the creation of a new cyber operations command with a £1 billion budget, announced in May.
Despite the cybersecurity concerns, the UK’s relations with New Delhi remain strong, with both countries continuing joint efforts to combat cybercrime. However, the UK Security Minister, Den Jarvis, has warned hackers and hostile states that they will face consequences for cyberattacks on UK institutions.
Jarvis has also stated that the UK will utilize AI to maintain its position in the "arms race." This comes after a ransomware attack on the British Library by the group Rysida in 2023, highlighting the need for robust cyber defences.
While specifics are not fully public, the UK’s cyber posture is shaped to counter threats from state-aligned adversaries, focusing on hostile cyber operations such as espionage, ransomware, and disruptive attacks on infrastructure. The UK is actively developing its offensive cyber capabilities and using AI in its interests.
In a recent statement, Jarvis emphasized the importance of strong and constructive relations with New Delhi, promising continued joint efforts against cybercrime. The UK faces potential cyber threats from multiple countries, including India, but the government is committed to maintaining a strong and secure digital frontier.
- The UK government, in response to growing cyber threats, is establishing the Cyber and Electromagnetic (Cyber EM) Command by late 2025, integrating cyber and electronic warfare capabilities essential for modern military operations.
- The forthcoming National Cyber Strategy, due in 2025, will outline a comprehensive approach to cybersecurity resilience, including offensive strategies and a Cyber Security and Resilience Bill that targets a broad spectrum of risks.
- In its commitment to countering cyber threats, the UK government has banned state institutions from paying ransoms to cybercriminals and is actively developing its offensive cyber capabilities, as demonstrated by the creation of a new cyber operations command with a £1 billion budget.
