The data, covering the 12-month period between August 2020 and September 2021, saw the UK report a record number of incidents, 20% of which were targeted directly at the healthcare sector and vaccine research organisations.

The NCSC’s annual review flagged the “worrying growth” of criminals seeking to use ransomware software to extort organisations, with the agency declaring it “the most immediate cyber security threat to UK businesses.”

This type of attack locks individuals out of their computers until they pay a fee, often in bitcoin. In 2017, a ransomware attack brought the UK’s NHS to a halt, after a virus rapidly spread through hospitals and GP services, preventing medical staff from accessing patient data and providing treatment.

The report confirms remarks made in October by GCHQ’s Lindy Cameron, who told the Chatham House Cyber 2021 conference that state-backed criminal groups are seeking to use the pandemic to engage in cyber-attacks, targeting vaccine information and scamming individuals.

One successful response highlighted by the NCSC was a thwarted attack on the University of Oxford, which helped to develop the AstraZeneca vaccine, with the agency helping to prevent hackers from causing serious disruption to the UK’s Covid response.

Alongside the cyber-attacks reported to the NCSC, 5.9 million reports of malicious content were filed by the public, resulting in 53,000 scams and 96,500 URLs being removed from the internet. The NCSC, part of the UK’s GCHQ intelligence organisation, was established in 2016 to provide the country with a single point of contact for the government’s cyber security response to improve national defences and limit the risk of attacks.