LONDON — In a world increasingly defined by digital dependence, Britain’s top cyber-security authority has issued advice that sounds almost anachronistic: print it out.
The National Cyber Security Centre (NCSC), part of the intelligence agency GCHQ, has written to chief executives across the country recommending that businesses keep physical, offline copies of their emergency response plans. The advice follows a string of disruptive cyber-attacks that have left supermarket shelves empty, production lines halted, and hospitals scrambling to recover.
“It’s not enough to have cybersecurity controls,” said Richard Horne, the NCSC’s chief executive. “Organizations must plan for how they would continue to operate without their IT — and rebuild that IT at pace — were an attack to get through.”
The message lands amid growing anxiety that Britain’s critical systems — from retail supply chains to healthcare networks — are more brittle than they appear.
A Year of Disruption
This year alone, Marks & Spencer, The Co-op, and Jaguar Land Rover have all been hit by cyber incidents that forced shutdowns and delayed deliveries. The spate of attacks exposed how quickly digital paralysis can ripple into the physical economy.
According to the NCSC, while the number of total cyber incidents (429) in the first nine months of 2025 was roughly unchanged from the previous year, the severity of those attacks has surged. Nearly half — 204 cases — were categorized as “nationally significant,” up from 89 during the same period last year.
That includes 18 attacks classified as “highly significant” — the second-most serious level in Britain’s cyber-incident ranking system, a 50 percent increase over 2024.
The agency declined to identify which events fit each classification. But officials pointed to this spring’s coordinated attacks on major U.K. retailers, which disrupted point-of-sale systems nationwide, as the kind of event that qualifies as “significant.”
One earlier episode underscores the potential human toll: a 2024 breach at a London blood-testing provider crippled hospital operations and was later linked to at least one patient death.
FCRF Launches CCLP Program to Train India’s Next Generation of Cyber Law Practitioners
The Rise of Criminal and Teenage Hackers
Investigators say the majority of attacks continue to be financially motivated, with ransomware and data-extortion schemes leading the field. In most cases, gangs encrypt a company’s files or threaten to leak stolen data unless a ransom — often in Bitcoin — is paid.
The NCSC estimates that most criminal networks operate from Russia or former Soviet states, shielded by limited extradition agreements and lenient local enforcement. But a worrying new pattern is emerging closer to home: a resurgence of teenage hacking groups in the U.K. and other English-speaking countries.
So far this year, seven British teenagers have been arrested in connection with major cyber-attacks, echoing the high-profile arrests of so-called “Lapsus$” members in recent years. Officials fear that younger, self-taught hackers — drawn by the lure of notoriety and cryptocurrency — are increasingly driving smaller but sophisticated breaches.
Resilience, Not Just Defense
The NCSC’s letter urges companies to think beyond firewalls and antivirus software toward what experts call “resilience engineering.” The concept, borrowed from safety-critical industries like aviation, focuses on anticipating, absorbing, recovering, and adapting when systems fail.
“Resilience is about what you do after the breach,” said one senior government adviser. “You have to assume compromise is inevitable — then design your response so it doesn’t cripple operations.”
That may mean keeping emergency contacts, system restoration guides, and continuity plans in printed binders — or at least stored offline. The logic is simple: when networks collapse, digital playbooks become useless.
The government is also urging firms to take advantage of the free tools and services offered by the NCSC, including no-cost cyber-insurance for small businesses that complete the Cyber Essentials program, a voluntary security certification scheme.
Whether companies will heed the advice remains uncertain. For many executives, the notion of reverting to pen and paper evokes a pre-digital era they thought they had left behind. But as cyber threats evolve faster than defenses, analog preparedness may once again become a mark of digital sophistication.
