Cyber Threats in the UK

Friday 10 October 2025 - BSIA COMMS & ID Cyber Solutions

Cyber attacks have surged in scale and sophistication in recent years. According to the UK Government’s Cyber Security Breaches Survey 2025, over 612,000 businesses and 61,000 charities have experienced some form of cyber breach or attack in the past year. While phishing remains the most common threat, affecting 85% of businesses, ransomware and supply chain attacks are rising sharply. 

The National Cyber Security Centre (NCSC) reported a threefold increase in severe incidents, with ransomware attacks now employing double and triple extortion tactics. AI-powered phishing and deepfake impersonations are also becoming prevalent, making it harder for businesses to identify spam links, emails, and other medium. 

Cyber attacks have become high-profile

In 2025, several major UK businesses have been hit hard by cyber attacks and breaches:

  • Jaguar Land Rover (JLR) suffered a ransomware attack that halted production for weeks, costing the business an estimated £50m per week.
  • Marks & Spencer lost £300m in revenue after a third-party breach that disrupted their online operations and systems for 46 days.
  • Co-op faced widespread disruption across 2,300 stores due to a supply chain attack.
  • Marketing platforms like Mailchimp and HubSpot were compromised, leading to phishing campaigns targeting thousands of UK businesses.

These incidents highlight how even well-resourced organisations are vulnerable, especially through third-party errors and human error. 

How businesses can be cyber secure

To protect against these threats, businesses must adopt a multi-layered approach.

Staff Training 

Human error remains the weakest link. Training employees to spot phishing, use strong passwords, and follow secure practices is essential.

Quantum-Safe Encryption

With quantum computing on the horizon, businesses must begin migrating to encryption methods that can withstand future threats. 

Cyber Essentials Certification

ID Cyber Solutions, a BSIA Affinity Partner, provide CPD courses for cyber security. These courses are ideal for any size business, and offer a practical starting point for cyber hygiene – allowing organisations to prevent cyber attacks and breaches with simple, checklist-type documents. 

Their courses offer practical training on password management, malware protection, secure device access, and awareness of common attack vendors, and are designed to help businesses mitigate common attacks and build a culture resilience. 

Cyber threats are no longer distant risks – they’re happening now, and they’re hitting hard. Whether you’re a small business or a national brand, the time to act is now. Training, technological revision, and verification is a proactive step toward cyber security. Don’t wait for a breach to learn the lesson.