Ransomware attacks on the rise in 2025

Last week Panorama highlighted the increasing impact ransomware is having on the UK. The facts paint a sobering picture:

• 19,000 ransomware attacks took place against businesses in the UK
• The typical ransom demand is around $4 million
• One organisation falls victim to an encryption attack every day
• M&S lost £300 million in profits in the recent reported breach.

Ransomware is a type of software that cyber criminals use to attack computer systems. It can block a user’s access to a system, encrypt data and files so no-one can open them or steal data. If businesses want to get their data or access to their devices back, they must pay a ransom.

The National Crime Agency says that ransomware is on the rise which is a danger to all businesses. It has the potential to cause financial damage and disrupt essential services. As well as lead to theft of data or intellectual property.

This makes it one of the most harmful cyber threats facing UK organisations today.

The lack of basic security measures is the main reason for serious data breaches. Common entry points include open portals, unpatched servers and phishing scams. The programme showed how attackers got into a server by guessing a weak password. They encrypted key systems, deleted backups and held data hostage. The business wasn’t prepared for the outcome of the attack. Even though they had implemented recommended security measures.

The effects of ransomware attacks include:

• Significant operational disruption, with services stopped for extended periods
• High financial impact, including system rebuilds, legal advice, PR efforts. Even if the ransom wasn’t paid, these indirect costs were still incurred
• A deep emotional toll: IT teams reported stress and sleepless nights. The workforce lost confidence in senior management.

It’s easy to think that a ransomware attack won’t happen to you. But Panorama make it clear that the number of attacks is increasing and nobody is safe. Businesses continuing to pay ransoms and ignore basic security measures. This makes ransomware a profitable channel for criminals.

At the least businesses must ensure they put in place the following.

Passwords and access – use strong, unique passwords and enable multi-factor authentication.

Patch management – keep all systems up to date. Install software patches within 14 days of release.

Backups – automate regular backups and store them offline or in a separate network

Incident response – develop plans, test them and include scenarios like ransomware

Cyber insurance – consider policies that include incident response support and financial cover.

Cyber Essentials certification

You can help protect your business against the most common threats with this scheme. It designed to be accessible for businesses of all sizes. Certification involves putting into place the five basic control measures recommended by the National Cyber Security Centre (NCSC). Find out how to get certified today.

Cyber security awareness training

Cyber awareness training is a great way to help protect your people and organisation. Educating employees (not forgetting the C-suite!) on the latest threats through cyber security training helps reduce risk. Regular phishing simulations and training courses can be effective tools. Learn more about Human Risk Management.

Vulnerability scanning and endpoint security monitoring

This is an extra layer of protection added onto your devices in the form of a software agent. It scans endpoints for threats making possible to identify and resolve issues fast. Discover the benefits of endpoint monitoring.

Find out more about ransomware on the National Cyber Security Centre’s website.

Protect your people, data and systems from cyber threats using market leading tools.