China Linked Hacking Threats to UK Businesses Spark Cybersecurity Alert

The UK’s leading companies are facing heightened cyber risks as officials at the National Cyber Security Centre (NCSC) have issued new warnings regarding vulnerabilities in widely used Cisco firewall devices. Concerns have been raised over Chinese state-sponsored hackers potentially targeting corporate networks, escalating fears across Britain’s public and private sectors.

According to the NCSC, phishing attempts and advanced breaches have been detected on Cisco devices that protect companies’ essential digital infrastructure. The agency has moved to directly notify major organisations, pressing them to undertake prompt cybersecurity upgrades. In one striking example, a business responded by disconnecting its internet and physically removing the devices in question.

Cisco, based in the US but with extensive UK operations, reported that attackers have already exploited flaws in a number of customer networks. The company has issued an urgent call for device owners to install new software updates, which correct the vulnerabilities. The technology giant began collaborating with government incident response teams as soon as the issue surfaced earlier in the year.

Among those heeding the warnings, NHS leaders have encouraged urgent patching of affected firewall systems. While the NHS has not reported direct breaches, cybersecurity officials believe a sophisticated malicious programme—described as a “bootkit” for hidden, persistent access—has been deployed by attackers attempting to infiltrate various networks.

Recent high-profile attacks have underscored the gravity of the threat. Marks & Spencer experienced weeks of online order disruption and supply shortages after a major hack, while Jaguar Land Rover was forced to halt production for a month, incurring losses estimated at £50 million per week.

Industry experts underline that the release of security patches often accelerates malicious activity, as hackers race to exploit known weaknesses before organisations can secure their systems. Palo Alto Networks and other cybersecurity firms have traced these latest campaigns to groups connected to Chinese actors, resembling the ‘Storm-1849’ group previously accused of orchestrating targeted cyber espionage and intellectual property theft.

Government agencies on both sides of the Atlantic have responded with emergency directives, highlighting the importance of robust digital defences. A spokeswoman for Cisco emphasised the existence of three newly discovered vulnerabilities, attributing these attacks to the same state-linked group behind the Arcane Door campaign uncovered earlier this year. She strongly recommended that all customers upgrade immediately to the latest fixed software releases.

|||