Question to the Cabinet Office:

To ask the Minister for the Cabinet Office, what estimate his Department has made of the number of cyber attacks which have involved ransomware in each of the last five years on UK companies by a hostile state.

Our National Cyber Strategy - launched in December 2021 - sets out how we will ensure that the UK continues to be a leading, responsible and democratic cyber power, able to protect and promote our interests in the rapidly evolving online world. This includes making the UK more resilient to cyber attacks, including ransomware attacks. The Strategy is supported by £2.6 billion of investment over three years.

Over the past five years, the National Cyber Security Centre has dealt with over 3300 significant cyber incidents affecting people and organisations across the UK:

• 590 in 2017,

• 557 in 2018,

• 658 in 2019,

• 723 in 2020, and;

• 777 in 2021.

The 2021 Cyber Security Breaches Survey shows the following percentage of businesses identified a cyber attack across the UK:

• 39% in 2021,

• 46% in 2020,

• 32% in 2019,

• 43% in 2018, and;

• 46% in 2017.

We are not in a position to be able to identify all cyber attacks, including ransomware attacks against UK companies, or attribute responsibility for every attack.

HMG continues its work with global partners to detect and disrupt cyber threats emanating from overseas. In December 2021, the UK held a G7 Senior Officials’ Forum on Ransomware to combat the threat, and the UK is taking a leading role in the international Counter Ransomware Initiative.