
Sophisticated threat of cybercrime

by Mark Rowe

High-profile attacks on household names have thrust forward the need for companies to react to save data and keep compliant, says AJ Thompson, CCO at the IT services company Northdoor plc.

As we pass the halfway point of 2025 it is already clear that cybercriminals are upping their efforts to gain access to sensitive and valuable data. We have seen an increased use of supply chains as a route into primary targets and, as a result, have seen many large and household brands become victims of cyberattacks.

What have we seen so far this year?

The UK has witnessed several high-profile attacks, including those on Marks and Spencer, Co-op and Harrods, all of which were hit by ransomware attacks. The nature of these attacks meant that there has been a longer-term impact, which has seen the companies struggling not only to recover data but crucially to carry out day-to-day tasks, including online shopping being taken out of action and a continuing struggle for individual stores to order stock in. The attack also saw the data of millions of customers compromised, which is already having reputational and likely regulatory consequences. All of this has meant that these firms have lost millions of pounds in revenue.

The public sector is also getting hit hard. The recent attack on the Legal Aid Agency saw all its online services taken offline with huge amounts of sensitive data stolen. We have also seen University College London Hospitals and University Hospital Southampton become the victims of cyber-attacks within the first half of the year. It is clear then that cybercriminals are continuing to attack across multiple sectors and that seemingly no matter who the organisation is they have been unable to keep attackers out.

It is not just restricted to large organisations either. A recent global survey found that the average number of cyber-attacks per organisation reached 1,925 per week in the first quarter of 2025. This is up by 47 percent compared to the same period in 2024. The UK government’s Cyber Security Breaches Survey highlighted how SMEs and micro businesses are also under constant attack from cybercriminals with 42 percent of UK SMEs experiencing a cyber-attack and 40 percent of micro businesses. So, 2025 has shown us that no business is safe from attack and that the cybercriminal is able to get through defences no matter the sector or budget spent. What, then, can companies do to protect themselves?

Locking the back door

Looking at most of the high-profile attacks this year it is clear that cybercriminals have been utilising new methods of gaining access to data and systems. Whilst the old adage that the employee is always the weakest link in a company’s cyber defences remains true, there is a new factor to take into consideration, and it is one that many companies have little control over.

Cybercriminals will always aim for the route of least resistance to breach cyber defences. This has, for many years, been the employee. Hitting a workforce with increasingly sophisticated and credible phishing attacks has been very successful over the past few years. However, as a result businesses have been quickly implementing solutions to stop attacks getting through as well as educating staff as to what these threats look like and how to deal with a suspicious looking approach.

With the front door increasingly secure, the last couple of years have seen cybercriminals finding new ways around. The breaches that have occurred so far in 2025 have shown an alarming similarity, in that the cybercriminals have been finding the back door not just unlocked but, frankly, left open. By changing the direction of the attack, cybercriminals are essentially negating any spend on frontline defences. Add to this the size and complex nature of modern supply chains, and it is no wonder that companies are struggling to maintain data security. They need to find ways of keeping frontline defences tight whilst being able to identify vulnerabilities lurking within their supply chain, allowing them to ‘lock the back door’.

Supply chain visibility

The traditional method of understanding a partner’s network security has been the distribution of questionnaires. This, however, relies on both the honesty and technical expertise of the person filling it out. In the face of an increasingly sophisticated cybercriminal this approach is neither appropriate nor effective. However, understanding where vulnerabilities lie with third or even fourth parties within your supply chain seems a daunting, if not impossible, task for most companies. With so many attacks originating in the supply chain, the need to try and get some visibility must be a key focus over the next few months.

With questionnaires no longer an acceptable approach, how can companies gain the access they need? The key is being able to utilise AI technology, giving a 360-degree view of vulnerabilities lying within a supply chain. Third- and fourth-party partners’ systems can be analysed, giving an immediate indication of where holes in systems might allow cybercriminals access to their primary target.

This gives you the opportunity to discuss with partners how they need to close these vulnerabilities before they are exploited by cybercriminals. It also offers companies the opportunity to work with potential partners to ensure that cyber security is of an acceptable standard before entering into a relationship with them, as well as being able to monitor security throughout the course of the relationship.

The threat to organisations from cybercriminals has once again been highlighted during the first half of 2025. This threat is only likely to increase in volume and sophistication over the coming months. The high-profile attacks this year should be enough to get all companies to look at their security, but also to consider where other vulnerabilities lie that are not covered by frontline defences.

The impact on companies of a successful breach can be catastrophic, not only in the immediate aftermath, but also in longer-term consequences, including financial, reputational and regulatory ones. The ability to keep the cybercriminal out is therefore critical. The second half of 2025 is going to be a challenging time for businesses; however, with solutions enabling them to close the gap between the threat and the ability to protect themselves, there may be brighter skies ahead.