Expert warns that the UK needs to be prepared for a devastating cyber attack by a hostile state

A “cyber 9/11” could wreak havoc on UK infrastructure and cause unprecedented chaos with the nation unable to access the internet for days on end, the former cyber crime boss at Interpol has warned.

In an interview with The i Paper, Craig Jones says the UK must stay alive to the threat of a catastrophic digital attack.

He said that while it would not lead to a huge loss of life, it could have a devastating impact on our daily lives.

New FeatureIn ShortQuick Stories. Same trusted journalism.

He also warns that large-scale cyber threats come from hostile states such as Russia and Iran, as well as organised criminal networks.

Talk of a “cyber 9/11” or a “cyber Pearl Harbour” has been hotly discussed among defence and cyber security experts for the past decade.

Jones said: “You probably get a vivid image in your head of planes hitting towers and towers collapsing. That sort of carnage. In the cyber world, it would be whole parts of critical national infrastructure that don’t work.”

“Imagine you’re sat reading a newspaper or watching TV, and all of a sudden, your TV is not working, your phone is not working, and we go back into an analogue state, a pre-Internet.”

The cyber crime expert also raises that there are now software and hardware tools capable of extreme disruption on sale online for as little as $10 (£7.40), which any cyber criminal could use to attempt to bring Britain to its knees.

File photo dated 22/12/22 of ambulances outside Waterloo Ambulance Station, south London. More than half a million appointments, operations and procedures have been postponed in England as a result of the wave of industrial unrest in the NHS. Issue date: Monday June 19, 2023. PA Photo. Strikes began towards the end of 2022 in the bitter dispute over NHS pay. The first mass walkout of nurses in history took place in mid-December, with ambulance workers, physiotherapists and other health workers following suit in subsequent weeks. See PA story INDUSTRY Strikes NHS. Photo credit should read: James Manning/PA WireHackers, who have targeted parts of the NHS in the past, can cause disruption to patients and hospital services (Photo: James Manning/PA Wire)

The precise damage caused by an unprecedented attack of this scale would depend on how it manifested.

For example, a single attack on an NHS provider in 2024 by Russian-speaking cyber gang Qilin contributed to the death of at least one patient and disrupted more than 10,000 appointments.

The WannaCry hack in 2017 disrupted a third of NHS trusts cost £92m, according to the Office for Budget Responsibility (OBR).

The National Risk Register, the Government’s assessment of the most serious risks facing the country, references eight different types of cyber threat facing the UK.

It includes hacks on the electricity and nuclear infrastructure, transport systems and the health and social care system.

One example it highlights is a “worst-case scenario” in which multiple entire IT systems on the NHS become inaccessible.

It states the “impacts would be felt immediately” and cites that appointments would be cancelled, there would be delays to medical procedures and tests, and A&E diversions.

Jones steered the international police organisation’s cyber crime team between 2019 and 2024 and notably expanded Interpol’s capacity for cross-border cooperation in tackling complex cyber threats.

His comments come at a time of relentless attacks on the country’s public services, affecting the NHS, Transport for London, and local councils, with Suffolk County Council the latest to be hit by a cyber attack.

‘Cyber criminals are a totally different animal’

“Cyber crime is heading in the same direction it always has been, which is upwards. They are increasing the scale, volume, complexity, and agility of the cyber criminals. It is on an upward trajectory,” Jones said.

Increasing access to affordable software and hardware “tools” that hackers need to monitor and infiltrate computer networks is also playing a role in more sophisticated and large scale hacks.

“Fifteen-plus years ago, tools would only be available to a state actor. We’ve seen those tools become more readily available,” says Jones, “Some cost $10 (£7.40), $20 (£14.80), which can then allow those criminals to have access to sensitive systems and networks.”

“[When] services are being impacted by the criminal networks and state groups, there’s a knock-on effect. For example, at hospitals, you can’t get a scan, you can’t get a blood test,” he explained.

“The [hostile] states are testing their abilities, but also sometimes they’re just going into networks and systems and seeing what’s there.

“The cyber criminal is a totally different animal. They’re going after financial gain. They will do multiple targets. We see the public sector being impacted, such as schools, hospitals and universities. We see the financial institutions being targeted.”

Jones says Britain is currently well-positioned against certain attacks but any slip in defences could have wide-ranging consequences.

“Politicians move on, departments change – prioritisation may be lost a little bit, but what we have in the UK is probably one of the best networks and systems globally at this moment in time,” he said, adding that the fight against cyber criminals constantly needs more resources.

One of the risks identified by Jones is a scenario where the UK faces multiple significant cyber attacks at once. He points to the attack in 2017, which froze swathes of the NHS and saw patients turned away and ambulances diverted.

Jones was tasked with responding to the attack from the criminal gang Wannacry, who demanded a ransom to put hospitals back online. They were unsuccessful, but the attack pushed UK cyber security agencies to their limits.

Asked whether the UK is now in a position to defend itself against a multi-pronged attack, Jones did not reply explicitly, but said: “That would be a highly coordinated attack. It would be quite complex.

Craig Jones speaking to The i Paper from the Global Cybersecurity Forum in Riyadh. (Photo: The i Paper)Comments from Interpol’s former director of cyber security Craig Jones, come at a time of relentless attacks on the country’s public services (Photo: The i Paper)

“We are seeing stronger regional entities [such as the UK and its partners] coming together and working together for economic gain. What if that was turned around [against us]?”

He added: “I would say its a low probability at this moment in time but if we don’t continue investing in cyber security… then our defences will be weakened in the future.

“It’s about not taking our eye off the ball.”

Artificial intelligence as a futher concern

Jones, who also previously worked as a senior officer at the National Crime Agency and spoke to The i Paper from the sidelines of the Global Cybersecurity Forum in Riyadh, also raised concerns about the rise of artificial intelligence.

“There’s a lot of talk about AI at the moment, the scale of AI and how cyber criminals are using that technology to expand their business and their criminal operations.”

The i Paper revealed cyber criminals based in Iran, Russia and Belarus are targeting UK defence personnel with fake job advertisements which trick applicants into downloading malicious software.

The UK military has been subjected to 90,000 cyber attacks from hostile states in the last two years, while the NHS and local councils such as Redcar and Cleveland have been severely affected by hacks, at times putting the lives and safety of people relying on social care and other public services at risk.

The Cyber and Specialist Operations Command (CSOC) has been recently “reshaped” by the Ministry of Defence to “to help keep the United Kingdom secure at home and strong abroad.”

A Government spokesperson said: “Cyber security is an absolute necessity to protect the British people, our public services and businesses driving growth.”

The spokesperson insisted: “The UK has robust plans in place for a range of potential emergencies that have been developed, refined and tested over many years.”