The National Cyber Security Centre (NCSC) – part of the UK government’s intelligence and security organisation, GCHQ – has warned critical national infrastructure (CNI) organisations to be vigilant to an increased cyber threat “from state-aligned groups” in an alert published today.
The alert emphasised that these groups are not subject to state control and their motivations are not financial, meaning they are unpredictable and will likely have broader targets than typical cyber criminals.
The NCSC has highlighted that some groups, particularly those sympathetic to Russia’s invasion of Ukraine, have stated they intend to cause disruption and destruction on western CNI, including that within the UK.
As such, the NCSC is advising organisations within CNI sectors to be proactive in taking proportionate steps to ensure they are protected – recommending that they implement measures previously recommended prior to the Russian invasion of Ukraine in February 2022.
In addition, the NCSC has advised CNI organisations and their partners to be mindful of the guidance relating to secure system administration.
Organisations in the sectors listed below, or who are business and/or supply chain partners for these industries, should be aware of the heightened risk of cyber-attack by state-aligned groups.
- Chemicals
- Civil Nuclear
- Communications
- Defence
- Emergency Services
- Energy
- Finance
- Food
- Government
- Health
- Space
- Transport
- Water
The NSCS’s Cyber Assessment Framework is recommended as a useful tool for such organisations and their partners to assess their current security measures and find areas for improvement.
If you would like any advice around your cyber requirements, please get in touch.
Written by

Jake Wilson
Senior Solicitor
Financial Services Regulatory
Related News, Insights & Events

Data Spring Webinar Series: Data Governance Demands in 2025
20/05/2025 - Online webinar
Our upcoming data webinar series will consider key data protection compliance requirements, explore data governance best practice, and highlight key areas of interest for the UK regulator (ICO).

M&S ransomware attack – what can we learn?
Discussing the recent ransomware attacks on M&S and the Co-op Group, highlighting the risks of cyber crime, potential regulatory consequences, and the importance of strong cyber security measures

Cyber security – fin(e)al decisions from the ICO
Highlighting the key ICO findings and what they mean for businesses handling sensitive data, with practical takeaways to help organisations strengthen cyber resilience and reduce regulatory risk.