The looming foreign threat
In mid-November, the UK Security Service (MI5) issued an espionage alert to Members of Parliament, Peers and Parliamentary staff warning them of the danger posed by China. It came after MI5 identified Chinese intelligence officers attempting to recruit people with access to sensitive information about the British state. MPs raised concerns about products and vehicles manufactured in China, and the location of the new Chinese embassy.
MI5 described recruitment as occurring on LinkedIn, with targets being approached by two LinkedIn profiles belonging to Amanda Qiu and Shirly Shen. One councillor reported being approached directly on LinkedIn by one of these profiles offering him a job.
There may also be additional targets in the private, public or third sectors, including "Parliament staff, economists, think tank employees, geo-political consultants and those working alongside [the government]". This may include accountants, who need to take extra care if working in such roles.
While China poses a cyber threat, it is also one of the world’s superpowers and the UK's third biggest trading partner. As such, managing the relationship is tricky. The UK government is introducing measures to manage the risks, including a £170m investment in renewing technology used by civil servants to safeguard sensitive work, and a £130m investment in various projects, including the National Cyber Security Centre’s (NCSC) and National Protective Security Authority’s work with critical businesses to protect their intellectual property.
Russia similarly poses a cyber threat. The UK government, alongside the governments of the US and Australia, announced new sanctions against Media Land, a Russian cyber crime group providing 'bulletproof' hosting services, enabling cyber criminals to conduct attacks, including ransomware and phishing attacks.
The UK government has also introduced a new Cyber Security and Resilience Bill to help protect organisations from cyber threats, including those posed by states like China.
Are we starting to see AI-automated cyber attacks?
Many organisations are grappling with AI’s potential impact on cyber security, with the general consensus that it can be used both to promote cyber attacks and to defend against them.
However, in practice, most observed cases of AI-powered attacks have focused on helping bad actors to do their work, including phishing attacks, faster and better. GenAI has been used to generate email communications or deepfakes of voices and images, to carry out reconnaissance activities such as querying open-source information, or to help create malware.
Earlier this month, Anthropic reported that its chatbot Claude was used by Chinese government-sponsored hackers to perform the first AI-orchestrated cyber espionage campaign, infiltrating around 30 global organisations.
Rather than simply providing information for attackers to tweak and use, this attack involved the use of AI agents to execute cyber attacks with limited human interaction. The targets were identified as large tech companies, financial institutions, chemical manufacturing companies, and government agencies.
Attackers were able to bypass Claude’s guardrails by giving the model the persona of an employee of a genuine cyber defence company conducting testing, and by breaking down the activities into small, seemingly innocent tasks.
The jury is out on whether agentic AI can really be used to automate cyber attacks, with some feeling that such claims are a marketing tool for AI and cyber security companies. In addition, critics say that Anthropic’s report did not provide adequate detail for experts to review and confirm. Many feel that the technology is still too unwieldy to be used for automated cyber attacks.
A recent research paper by Google concluded that existing tools were not all that successful and were only in a testing phase. Anthropic also admitted that its chatbot made mistakes by, for example, making up fake usernames and passwords and claiming to have extracted secret information, which was in fact publicly available.
The potential for agentic AI to be used in both conducting and stopping cyber attacks is clear. As many businesses explore the adoption of agentic AI in business and accounting processes, it is important to bear in mind how AI agents are secured, including what information they have access to. The NCSC Annual Review 2025 explores the impact of AI and Cyber Security, including autonomous cyber defence and Agentic AI.
Human error leads to another public sector data breach
At the beginning of November, it was reported that the details of hundreds of residents had been shared in a data breach. South Gloucestershire Council confirmed that personal information, including names, addresses, phone numbers and email addresses, of 625 people who responded to a consultation on 24 October was published online for three days.
The data breach was the result of human error: a worksheet was published without the personal data being deleted, as it should have been. Council officers confirmed that they took "very prompt action" to remove the data and reported the breach to the Information Commissioner's Office (ICO). They also indicated that they had taken measures to avoid a similar incident in the future.
This is not the first breach of this kind. In May 2025, the ICO announced that it had reprimanded the London Borough of Hammersmith and Fulham for “exposing personal details of 6,528 people for almost two years”. The breach occurred when the council responded to a freedom of information request with a response, published on the council’s website, that included 10 workbooks containing personal information.
These incidents are reminders of the importance of good internal practices and processes, including not collecting information that is not required, anonymising data, storing data in appropriate systems and implementing Data Loss Prevention and detection systems to alert on personal and sensitive data that may be leaked.
It’s not just about process and technological controls – people are equally important. Businesses should train their employees and relevant third parties on the importance of safeguarding data, and on defined processes and procedures. NCSC’s 10 Steps to Cyber Security provides helpful guidance on engagement and training.
Cyber Security and Resilience Bill introduced
The long-awaited Cyber Security and Resilience Bill has been introduced to Parliament, having its first reading on 12 November. The bill was included in the King’s Speech in July 2024, and will update the existing Network and Information Systems (NIS) Regulations 2018 to reflect the greater reliance on technology and the interconnectedness of the supply chain.
The purpose of the bill is to strengthen cyber defences for essential public services like healthcare, drinking water providers, transport and energy, to better protect against cyber criminals and state-backed actors, and to support economic growth.
The bill includes proposals such as bringing Managed Service Providers, data centres and critical suppliers into scope, and putting regulators on a stronger statutory footing to carry out their duties.
The bill could have an impact on accounting practices, as many are likely to be brought within scope either as critical suppliers or as managed service providers. They are also likely to have clients that will become subject to the regulations. This will mean raising the bar for cyber security, including by getting relevant certifications such as Cyber Essentials or similar.
ICAEW cyber security resources
Visit ICAEW's cyber security resources for further guidance and the latest updates and news.
Have something to share?
Email techfac@icaew.com with your cyber stories.