Cyberattacks rose to prominence in 2025, inflicting significant financial damage on major UK businesses and revealing widespread vulnerabilities across the economy.

Among the highest-profile targets were automotive giant Jaguar Land Rover, stalwart retailer Marks & Spencer and luxury department store Harrods, highlighting how businesses of all sizes are susceptible to sophisticated digital threats.

Andrew Bailey, Governor of the Bank of England, has expressed his belief that cyberattacks represent one of the most significant threats to the UK’s financial stability, highlighting the “critically important” need for collaborative defence.

Mike Maddison, chief executive of cybersecurity firm NCC Group, described 2025 as a “tipping point”.

He said: “Cyber ​​attacks are far from new, but 2025 has shown how cyber risk is closely linked to economic stability and business continuity. »

Data from NCC Group revealed a record increase in global ransomware attacks, with 590 incidents recorded in January and 886 in February.

Ransomware, malware, allows cybercriminals to encrypt computer systems or steal data, holding it hostage until a payment is made.

A survey by insurer Hiscox earlier this year indicated that 59 percent of small and medium-sized businesses had suffered a cyberattack in the previous 12 months, and 27 percent had faced a ransomware request.

Of those who paid, 60 percent got some or all of the data back, although 31 percent reported the attackers demanded additional payments, according to the survey of 5,750 respondents worldwide.

open image in gallery

The UK’s National Cyber ​​Security Center (NCSC) reported dealing with 204 cyberattacks of “national significance” in the year to September, a sharp increase from 89 the previous year.

Mr. Maddison noted: “Compared to previous years, these attacks have been larger and more costly, reaffirming that cybersecurity is no longer just an IT concern. »

He added: “CEOs and government leaders should now be keenly aware that cyber resilience is fundamental to the UK’s long-term growth and resilience. »

Perhaps the largest and costliest cyberattack in the UK this year was against Jaguar Land Rover.

The carmaker halted production at its UK factories for five weeks from September 1, following a hack the day before.

The disruption led to a fall in revenue of more than £1 billion for the quarter ended September and a substantial loss for the business.

Crucially, the lockdown was also cited as a key factor in the contraction of the UK economy in September and October due to slowing car production.

Experts at the Cyber ​​Monitoring Centre, a not-for-profit organisation, estimated that the incident cost the country around £1.9 billion, calling it “the most financially damaging cyber event to ever happen to the UK”.

Marks & Spencer, the food, fashion and homewares retailer, was also the victim of a major hack, which had far-reaching consequences and highlighted the risk of customer data being stolen from major consumer brands.

The retailer was forced to suspend all online orders for around six weeks and found itself facing empty shelves due to disruptions to its logistics systems after being targeted over the Easter weekend.

M&S reported a sales loss of £324 million, although it managed to recoup £100 million through an insurance compensation.

open image in gallery

Customers’ personal data, including names, email addresses, postal addresses and dates of birth, were also compromised.

M&S was not alone; Other retailers hit by devastating cyberattacks in 2025 include luxury department store Harrods and supermarket group Co-op.

The head of the cooperative confirmed that data belonging to all of its 6.5 million members had been stolen.

Mr Maddison warned that 2025 “should be seen as a clear warning, not a one-off peak”, predicting that cybercriminals will increasingly exploit artificial intelligence to attempt phishing and identify system vulnerabilities.

He predicted: “Supply chains will remain prime targets, as their complexity means disruptions can spread quickly across all sectors, intensifying pressure to pay ransoms. »

However, he also observed: “At the same time, cyber maturity is improving,” noting that “boards are increasingly recognizing that true cyber resilience goes beyond prevention and detection.”

In response, the government is developing a Cybersecurity and Resilience Bill, which aims to give regulators the power to impose fines on companies that fail to comply with cybersecurity regulations.

New Home Office proposals will force businesses to inform the government if they intend to pay a ransom to cybercriminals, while banning public sector bodies and operators of critical national infrastructure from making such payments.