Cyber experts warn London faces a growing risk of being hacked as the war between the United States, Israel, and Iran intensifies.
On 2 March, the National Cyber Security Centre (NCSC) said there was “no current significant change” in the direct cyber threat from Iran.
But it warned the situation could evolve quickly, with organisations linked to the Middle East most likely to be targeted.
Since then, the UK has taken on a more active support role in the conflict by allowing the use of military bases and helping to intercept attacks.
The shift has sparked concern among analysts that London could become a focus for state-backed hackers and allied groups.
Cyber attacks have become part of the arsenal used by states in times of tension and conflict.
Dr Tim Stevens, an international security expert at King’s College London, said countries now deploy cyber as well as military, diplomatic and economic tools to gain advantage over rivals.
Dr Tim Stevens said: “States with suitable resources… use cyber as part of a wider toolbox… in peace and in war, and in everything in between.”
He said cyber operations do not begin when fighting starts and do not end when it stops.
London is already a target.
“London’s always in the crosshairs […] it’s a hugely rich city,” Dr Stevens said, pointing to its role as one of the world’s leading financial and data hubs.
The capital’s role as a global financial and data hub makes it attractive.
It is also highly dependent on digital systems.
“We rely on stable and reliable digital connectivity […] without that, we’re hugely exposed,” he said. This exposure is not new, but analysts say it becomes more relevant as geopolitical tensions rise.
Ollie Whitehouse, Chief Technology Officer of NCSC said: “To tackle the evolving threat landscape, stronger strategies and interventions are crucial.”
Ollie Whitehouse, Chief Technology Officer of the UK’s National Cyber Security Centre (NCSC) gave a talk at King College London addressing the current cyber threats to UK security.
Risk becomes clearer when looking at what a cyber attack on London might actually target.
That includes transport, banking, energy, and communications. Disrupting any one of these, even briefly, could have wide-reaching effects.
“We rely on stable and reliable digital connectivity… without that, we’re hugely exposed,” Dr Stevens says.
Conor Freeman, a former hacker who now works in cyber security says, “the most effective targets are those that would cause immediate, visible disruption […] critical infrastructure would be a likely focus.”
“Energy is probably the number one focus […] if you wanted to cause the maximum amount of havoc,” he added.
Conor Freeman, a former hacker, warns critical infrastructure in London would be the main target.
Freeman added: “If a couple of massive factories were to go out, that’s a huge supply chain issue […] it’s going to affect a lot of people’s jobs.”
Attackers will look for the simplest route in exploiting outdated software or systems that organisations have lost track of over time.
“They’re looking for low hanging fruit […] whatever’s easiest and whatever’s going to cause the most [impact],” Freeman said.
As organisations expand, their digital footprint can become harder to manage, increasing the chances that vulnerabilities go unnoticed. A single forgotten device can provide a foothold.
Freeeman said: “If a hacker finds that […] they can just move across your network and wreak havoc.”
“The real soft underbelly of London is small and medium enterprises,” Dr Stevens said.
These businesses can form part of larger supply chains, providing services or access to bigger firms and critical systems. Once inside, attackers can move across networks to reach more sensitive targets.
Dr Stevens said: “I want to go in through one of those […] and follow the supply chain.”
“Problems can ripple through supply chains and across borders,” he continued.
When the NCSC issued its alert on 2 March, it said there was no significant change in the direct threat from Iran. But raised concern of the potential for indirect risks for organisations with links to the region.
The extent of that risk will depend in part on Iran’s capacity, which is likely focused on military priorities within the Middle East.
“We might expect to see some sort of uptick,” Dr Stevens added.
In many cases, the aim is to create disruption quickly, attract attention and undermine confidence, rather than disable systems over the long term.
“How much chaos can they cause in a short amount of time […] scaremongering is the number one thing,” Freeman said.
How prepared London is for that kind of pressure is harder to assess
“You never know if you have enough resilience until you need it,” Dr Stevens said.
He added that “100% security is not possible,” meaning organisations must plan for disruption rather than assume it can always be prevented.
If disruption were to happen, the effects in London would likely be immediate.
Much of the city’s communication and data traffic passes through a small number of critical hubs. One of the most important is the London Internet Exchange.
“If the London Internet Exchange goes down… our internet connectivity dives,” Dr Stevens said.
“When internet connectivity dies […] it’s very difficult to communicate,” he added.
For now, there is no evidence that London is facing a cyber attack linked to the conflict.
But the conditions that shape that risk are shifting.
Submitted Article
Headline
Short Headline
Standfirst
Published Article
HeadlineHow Iran war could expose London to cyber attacks
Short HeadlineIran war puts London at cyber risk
StandfirstCyber experts warn London is already a target and rising Middle East tensions could disrupt everyday digital systems.
Cyber experts warn London faces a growing risk of being hacked as the war between the United States, Israel, and Iran intensifies.
On 2 March, the National Cyber Security Centre (NCSC) said there was “no current significant change” in the direct cyber threat from Iran.
But it warned the situation could evolve quickly, with organisations linked to the Middle East most likely to be targeted.
Since then, the UK has taken on a more active support role in the conflict by allowing the use of military bases and helping to intercept attacks.
The shift has sparked concern among analysts that London could become a focus for state-backed hackers and allied groups.
Cyber attacks have become part of the arsenal used by states in times of tension and conflict.
Dr Tim Stevens, an international security expert at King’s College London, said countries now deploy cyber as well as military, diplomatic and economic tools to gain advantage over rivals.
Dr Tim Stevens said: “States with suitable resources… use cyber as part of a wider toolbox… in peace and in war, and in everything in between.”
He said cyber operations do not begin when fighting starts and do not end when it stops.
London is already a target.
“London’s always in the crosshairs […] it’s a hugely rich city,” Dr Stevens said, pointing to its role as one of the world’s leading financial and data hubs.
The capital’s role as a global financial and data hub makes it attractive.
It is also highly dependent on digital systems.
“We rely on stable and reliable digital connectivity […] without that, we’re hugely exposed,” he said. This exposure is not new, but analysts say it becomes more relevant as geopolitical tensions rise.
Ollie Whitehouse, Chief Technology Officer of NCSC said: “To tackle the evolving threat landscape, stronger strategies and interventions are crucial.”
Ollie Whitehouse, Chief Technology Officer of the UK’s National Cyber Security Centre (NCSC) gave a talk at King College London addressing the current cyber threats to UK security.
Risk becomes clearer when looking at what a cyber attack on London might actually target.
That includes transport, banking, energy, and communications. Disrupting any one of these, even briefly, could have wide-reaching effects.
“We rely on stable and reliable digital connectivity… without that, we’re hugely exposed,” Dr Stevens says.
Conor Freeman, a former hacker who now works in cyber security says, “the most effective targets are those that would cause immediate, visible disruption […] critical infrastructure would be a likely focus.”
“Energy is probably the number one focus […] if you wanted to cause the maximum amount of havoc,” he added.
Conor Freeman, a former hacker, warns critical infrastructure in London would be the main target.
Freeman added: “If a couple of massive factories were to go out, that’s a huge supply chain issue […] it’s going to affect a lot of people’s jobs.”
Attackers will look for the simplest route in exploiting outdated software or systems that organisations have lost track of over time.
“They’re looking for low hanging fruit […] whatever’s easiest and whatever’s going to cause the most [impact],” Freeman said.
As organisations expand, their digital footprint can become harder to manage, increasing the chances that vulnerabilities go unnoticed. A single forgotten device can provide a foothold.
Freeeman said: “If a hacker finds that […] they can just move across your network and wreak havoc.”
“The real soft underbelly of London is small and medium enterprises,” Dr Stevens said.
These businesses can form part of larger supply chains, providing services or access to bigger firms and critical systems. Once inside, attackers can move across networks to reach more sensitive targets.
Dr Stevens said: “I want to go in through one of those […] and follow the supply chain.”
“Problems can ripple through supply chains and across borders,” he continued.
When the NCSC issued its alert on 2 March, it said there was no significant change in the direct threat from Iran. But raised concern of the potential for indirect risks for organisations with links to the region.
The extent of that risk will depend in part on Iran’s capacity, which is likely focused on military priorities within the Middle East.
“We might expect to see some sort of uptick,” Dr Stevens added.
In many cases, the aim is to create disruption quickly, attract attention and undermine confidence, rather than disable systems over the long term.
“How much chaos can they cause in a short amount of time […] scaremongering is the number one thing,” Freeman said.
How prepared London is for that kind of pressure is harder to assess
“You never know if you have enough resilience until you need it,” Dr Stevens said.
He added that “100% security is not possible,” meaning organisations must plan for disruption rather than assume it can always be prevented.
If disruption were to happen, the effects in London would likely be immediate.
Much of the city’s communication and data traffic passes through a small number of critical hubs. One of the most important is the London Internet Exchange.
“If the London Internet Exchange goes down… our internet connectivity dives,” Dr Stevens said.
“When internet connectivity dies […] it’s very difficult to communicate,” he added.
For now, there is no evidence that London is facing a cyber attack linked to the conflict.
But the conditions that shape that risk are shifting.
