The companies said they have plans on paper in the event of a cyberattack

People should plan for potential cyber attacks by turning to pen and paper, according to the latest advice.

The Government has written to CEOs across the country strongly recommending that they should have physical copies of their plans ready as a precaution.

The recent spate of hacks has highlighted the chaos that can arise when hackers take down computer systems.

This warning comes as the National Cyber ​​Security Center (NCSC) reported an increase in more serious cyber attacks this year.

Criminal hacks at Marks and Spencer, The Co-op and Jaguar Land Rover led to empty shelves and halted production lines this year as companies struggled without their computer systems.

Richard Horne, chief executive of NSCS, said organizations needed to “have a plan for how they would continue to operate without their IT, (and rebuild that IT at a rapid pace), and that was an attack to overcome”.

Companies are being urged to look beyond cybersecurity controls toward a strategy known as “resilience engineering,” which focuses on building systems that are able to anticipate, absorb, recover and adapt in the event of an attack.

The agency suggests that it is better for plans to be in paper form or stored offline.

Although the total number of breaches handled by the National Cyber ​​Security Center in the first nine months of this year was 429, roughly the same number as in the corresponding period last year, there has been an increase in breaches with a greater impact.

The number of incidents of “national significance” represents nearly half, or 204, of all incidents. Last year it was only 89 in this category.

Incident of National Significance covers cyber attacks in the NCSC’s top three categories and UK law enforcement Classification model:

• Category 1: National cyber emergency.
• Category 2: A very important incident.
• Category 3: Major accident.
• Category 4: Major accident.
• Category 5: Moderate incident.
• Category 6: Spot accident.

Of this year’s incidents, 4% (18) were in the second-highest category of “critical importance.”

This represents a 50% increase in such incidents, an increase for the third year in a row.

The National Cyber ​​Security Center did not provide details about which attacks, whether overt or undeclared, fall into which category.

But as a measure, it is understood that the wave of attacks on UK retailers in the spring, which affected Brands & Spencer, The Co-op and Harrods, would be classified as major incidents.

One of the most serious attacks last year, on a blood testing provider, caused major problems for London hospitals. This resulted in significant clinical distress and directly contributed to the death of at least one patient.

The NCSC did not say which category this incident falls into.

The vast majority of attacks are financially motivated by criminal gangs that use ransomware or data extortion to blackmail the victim into sending bitcoins for ransom.

While most cybercrime gangs are based in Russia or former Soviet states, there is a resurgence of teenage hacking gangs believed to be based in English-speaking countries.

So far this year, seven teenagers have been arrested in the UK as part of investigations into major cyber attacks.

In addition to advice on preparedness and increased collaboration, the government is asking organizations to make better use of the free tools and services offered by the NCSC, for example free cyber insurance for small businesses that have completed the popular Cyber-Essentials programme.