The chief executive of the National Cyber Security Centre Ciaran Martin has warned that a category-one cyberattack on the UK is an inevitability.

Martin added that the country will probably suffer such an attack at some point in the next two years. A category-one attack would require a national response, and could include an attempt to harm an election process, or an assault that brought down energy infrastructure or banking services. An aggressive cyber incursion from a rogue nation could also be classed in category one. Last year’s WannaCry ransomware attack that impacted the NHS was considered as a category-two attack.

Related content

• “Active cyber defence”: UK’s first National Cyber Security Centre chief sets out strategy
• GCHQ unveils cybersecurity playbook after pilot with ‘UK’s most spoofed brand’ HMRC
• NAO says preventable WannaCry damage shows DoH and NHS must ‘get their act together’

Speaking to the Guardian, Martin said: “I think it is a matter of when, not if, and we will be fortunate to come to the end of the decade without having to trigger a category-one attack,” he said. “Some attacks will get through. What you need to do [when they do] is cauterise the damage.”

Figures published by the NCSC in October revealed that, in its first 12 months in operation, the centre had worked to combat a total of 591 “significant” cyberattacks, including 30 that required NCSC to coordinate a pan-government response.

Housed within GCHQ, the National Cyber Security Centre was launched in October 2016 to serve as a central source of expertise and oversight for the government’s cybersecurity operations. In February last year, its new headquarters in London’s Victoria was opened by the Queen.