Enemy states suspected in 600% surge of cyber attacks on UK scientific funding body

EXCLUSIVE

Enemy states attempting to steal Britain's scientific secrets on an industrial scale are feared to be behind a chilling 600% increase in cyber attacks on the government body overseeing the financing of the crucial sector. UK Research and Innovation (UKRI), the national funding agency investing in science and research in the UK, has been targeted by 5.4m cyber attacks this year with experts warning rogue foreign powers - led by Russia - could be trying to critically damage UK interests.

Exclusive data, disclosed to The Daily Express via the Freedom of Information (FOI) act, reveals that UKRI repelled 5,431,069 attacks in the first four months of 2025. This was a rise on 757,222 attacks in the whole of 2024 and 496,832 in 2023. Of this figure 236,357 were phishing attacks designed to trick staff into handing over sensitive information. A further 11,226 were logged as malware attacks, which involves hackers sending malicious software designed to damage computer systems and steal data. The remaining attacks were logged as spam or malicious emails.

The executive non-departmental funding body, sponsored by the Department for Science, Innovation and Technology, is responsible for investing £8 billion of taxpayers' money each year into research and innovation and the people who make it happen. They work across a huge range of fields - from biodiversity conservation to quantum computing, and from space telescopes to innovative health care.

They are seen as a key component in delivering future national growth, proving British entrepreneurs and innovators with the opportunity to contribute and to create, develop and deploy world-beating new ideas and technologies.

They acknowledge a sharp rise in attacks but claim a difference with their recording of the data means levels for 2023 and 2024 may have been higher than revealed by the FOI request.

Patrick Sullivan, CEO, of Parliament Street think tank said: "Rapidly rising cyber attacks can only mean one thing; rogue foreign states are attempting to sabotage UK infrastructure. Britain urgently needs to boost its national cyber defences to stop these dangerous dictators from wreaking havoc on UK soil."

Cyber expert Arkadiy Ukolov, co-founder and CEO of Ulla Technology added: "These figures underline daily barrage of cyber threats facing key government organisations. With so many workers now casually using third party AI tools and social platforms to collaborate and share confidential data, the risks of a cyber breach are now increasing dramatically.

"Tackling this problem requires a cyber -first approach, with staff fully trained on the risks of AI, as well as working from an enclosed, properly protected secure IT system, to keep data safe from hackers at all times."

Rick Boyce, Chief for Technology at AND Digital said: "These extensive incidents underline the severity of the threat facing public and private sector organisations on a daily basis. Burying your head in the sand is no longer an option - creating a security culture must be a priority in every board room, and cyber security awareness needs to be embedded in very function. Allowing security to remain siloed as an 'IT thing' will leave you exposed.

"The emergence of AI is seeing new threats and attacks emerge at a pace we've never seen before and this is driving a material increase in successful attacks across all sectors. The effect of this will compound quickly - every organisation needs to adapt moving beyond traditional approaches to protect themselves in a changing environment."

Skills expert Sheila Flavell CBE, Chief Operating Officer at FDM Group said: "Growing volumes of increasingly sophisticated cyber attacks on critical national infrastructure and research centres underline the need for a comprehensive security strategy within the workforce.

"Cyber skills and threat awareness are no longer the preserve of the IT team; they should be built into the DNA of each and every employee. Key to this effort should be investing in the latest accredited training, alongside enforcing robust security policies and procedures to keep malicious hackers at bay."

A UKRI spokesperson said: "Cyber threats are a constant feature of the digital landscape and like many public and private sector organisations, UKRI continues to experience attempted cyber attacks. We manage these threats through our robust systems, and remain ever vigilant to protect our vital digital infrastructure."

The body says the figures for 2025 statistics show the data from five email servers over the last 90 days only, whilst the figures for 2024 and 2023 were taken from one server.

The spokesperson added: "It would be inaccurate to infer that the number of cyber attacks has increased by such a large extent, as these are not comparable datasets."