A wave of sophisticated cyberattacks has swept across the United Kingdom, with an estimated 8.58 million cyber crimes affecting British businesses in the past year alone. According to recent government data, 43% of UK businesses reported experiencing a cyber security breach or attack in the last 12 months, with particularly high rates observed among medium (70%) and large businesses (74%).
The impact of these attacks extends beyond the corporate sector, affecting 30% of charities and 41% of health or care organisations. Phishing remains the most prevalent attack method, as the identification of over 560,000 new cyber threats daily highlights the rapidly evolving nature of these security challenges. The average business faced 30 cyber crimes annually, demonstrating the persistent nature of these threats. Small businesses are particularly vulnerable, as man-in-the-middle attacks can lead to devastating financial losses.
Cyber threats evolve relentlessly, with phishing attacks targeting organizations across sectors and over 560,000 new threats emerging daily.
Organizations have reported a concerning rise in incidents involving disruption to operations, with breaches leading to temporary loss of file or network access increasing from 4% to 7%. The average cost to businesses for remedying these attacks is £21,000 per incident.
The education sector has emerged as a primary target, with 30% of further and higher education institutions reporting breaches or attacks occurring at least weekly. Critical infrastructure sectors continue to face persistent threats, as the health and care sector grapples with a significant 41% breach rate.
The surge in attacks is partially attributed to increased digitisation and artificial intelligence adoption across industries. Despite an overall decline in cyber breach rates from 50% in 2024 to 43% in 2025, largely because of fewer incidents among smaller businesses, the economic impact remains substantial.
Online shopping fraud alone resulted in losses totaling £63.8 million in 2020, marking a 37% increase from the previous year, with average losses per victim reaching £720. The vulnerability environment continues to expand as organizations navigate digital transformation and remote operations.
Large enterprises, facing greater organizational complexity, consistently experience higher exposure to cyber threats. The government’s Cyber Security Breaches Survey reveals that inadequate cyber hygiene and insufficient investment in resilience measures amplify these risks, particularly as dependence on third-party services introduces additional points of vulnerability.
