The threat landscape is becoming more expansive and intricate, covering everything from targeted ransomware to phishing. Understanding the cyber risks your business faces can be challenging, especially if you haven’t experienced an attack firsthand. As a result, many businesses may overlook the potential severity of these risks. However, 50% of UK businesses reported falling victim to a cyber-crime between 2023-2024¹, making it clear that managing this risk is no longer just an IT responsibility, but a key issue company-wide.

This article explains what cyber-attacks are, how they occur, and the steps we can support you with to protect your business.

What are cyber attacks?

A cyber-attack is a purposeful attempt to steal, expose, modify, disrupt, or damage data, applications, or other assets by unlawfully accessing a network, computer system, or digital device. According to the UK Government’s Cyber Security Breaches Survey 2024², 50% of businesses have reported experiencing a cyber security breach or attack within the past 12 months.

 Why do they happen?

There are three main categories, with each having varying motivations:

1. Criminal

Criminal cyber attackers are driven by financial motives, aiming to profit through data breaches or disrupting business operations. Cybercriminals often use ransomware to seize data or lock devices, demanding payment from the targeted company.

2. Personal

Disgruntled current or former employees can sometimes target their company. They may take money, steal sensitive data, or disrupt a company’s systems. This is known as a personally motivated attacker.

3. Political

Political cyber-attacks occur in forms such as ‘cyberwarfare’. Since Russia’s invasion of Ukraine, companies across the UK were advised to prioritise securing their online defenses. The National Cyber Security Centre (NCSC) reported that the UK and its allies uncovered the ‘Snake’ malware threat, a key element in operations led by Centre 16 of Russia’s Federal Security Service (FSB)³. The implant has been used to gather sensitive information from targeted entities, including government networks, research institutions, and journalists, and has been identified in over 50 countries globally.

What are common cyber attacks?

Ransomware and Data Breaches

According to IBM, ransomware is the second most frequent type of cyberattack, representing 17% of all incidents⁴.

The most valuable asset that most companies hold in 2025 is their data. Whether a company relies on their systems to trade day to day or holds sensitive customer data, Cyber criminals know all too well that most companies cannot survive a ransomware attack for long. Ransomware attacks can result from something as simple as an employee opening an attachment in a seemingly normal-looking email. For a sophisticated cybercriminal, this is enough for ransomware to be installed on your network, giving the hacker the ability to not only shut down your network but also to access and leak data you hold.

Cybercriminals have shifted from demanding small ransoms to infiltrating networks for months, collecting data to sell or leak, and then using it to demand larger ransoms up to hundreds of thousands of pounds. In January 2024, LoanDepot, a prominent mortgage lender, was targeted by a ransomware attack that compromised the sensitive information of around 16.9 million customers, including Social Security numbers and addresses. Due to the disruption of operations and other effects of the cyberattack, LoanDepot faced an estimated $27 million in expenses for response and recovery efforts⁵.

Funds Transfer Fraud / Social Engineering Fraud

Almost all companies invoice clients for goods or services and work with suppliers who invoice them in return. Electronic payments can be vulnerable to cybercriminals who intercept and redirect funds to fraudulent accounts. These attacks can be perpetrated in a number of ways including:

• Social Engineering – whereby a member of your accounts team might be tricked into paying funds into a fraudulent account, following an extremely convincing call from someone pretending to be the client/supplier and advising of a change of bank details.
• Invoice Fraud – whereby an invoice attached to an email can be intercepted along the way, with the details changed to that of a fraudulent account before being released, seemingly with no discernible changes.

How can risks be mitigated?

77% of Cyber claims involve employee error, so training your staff is a crucial element of your Cyber risk management⁶. Steps can be as simple as implementing procedures, such as call-backs to a known contact before accepting a change of bank details.

Other mitigation strategies include:

• Using reputable antivirus software and firewalls – this is your first line of defense, so maintaining a strong firewall and keeping your security software up to date is critical.
• Patching (updating) – regular patching of vulnerable software is necessary to help prevent infection that takes advantage of out-of-date systems with known vulnerabilities.
• Strong passwords and multi-factor authentication – this will also reduce your risk of Business Email Compromise (BEC), which is another prolific problem and can lead to downtime, reputational impact, and large financial loss.

The NCSC has provided further guidance with actions you can take to reduce the risk of falling victim to an attack whilst the threat level is heightened here.

We are here to help

Speak with one of our experts to access a complementary cyber vulnerability assessment report and to obtain a cyber quotation here.

If you’re not sure where to start when it comes to your cyber security strategy, or you would like a second opinion to ensure your data is as protected as possible, our sister company, Specialist Risk Insurance Solutions, offer a complimentary ‘KYND’ report, which will put you in contact with an expert team that will be happy to assess your risk.

Contact us

If you are interested in understanding how a Cyber policy could help protect your business and complement your business continuity planning, speak to a member of the team on 0208 236 5350.

---

Sources

1. GOV UK: Cyber security breaches survey 2024 – GOV.UK
2. ibid. 
3. National Cyber and Security Centre: NCSC advises organisation to act following Russia’s attack on Ukraine
4. IBM: What is a cyber attack?
5. secureframe: 15 Recent Cyber Attacks & What They Tell Us About the Future of Cybersecurity
6. Khando, Khando, et al. “Enhancing Employees Information Security Awareness in Private and Public Organisations: A Systematic Literature Review.” Computers & Security, vol. 106, no. 1, 2021, p. 102267. Sciencedirect, https://doi.org/10.1016/j.cose.2021.102267

Small to medium enterprises (SMEs) are experiencing an increase in the costs of IT services. A study by Deloitte found that 59% of businesses outsource IT services to cut these costs¹, or they are managed internally by an individual or small team responsible for the business’s ‘digital estate’ and cybersecurity.

SMEs are still being disproportionately targeted by cyber criminals, with employees four times more likely to face a cyber threat than those at large organisations². Their motives include financial gain, disruption extortion, obtaining intellectual property, or to simply observe business interactions.

What should SMEs consider implementing to help their digital and cyber resilience?

It is highly recommended that SMEs and their employees develop a digital and cyber resilience strategy to ensure the necessary cybersecurity hygiene for operating in the digital domain. This strategy should be well practiced and actionable.

Lacking the fundamentals to reduce or mitigate potential cyber risks, regardless of business size, can determine whether a company contains the issue and recovers quickly, or suffers prolonged damage that hinders recovery.

Here are potential steps an SME can consider implementing (in no specific order):

• Conduct regular cybersecurity training and raise awareness of various social engineering tactics used by threat actors (e.g., emails, texts, phone calls, instant messaging).
• Regularly install security patches and enable system logs.
• Limit user permissions and controls.
• Develop an incident response, business continuity, and disaster recovery plan, supported by a monitoring tool (e.g., endpoint detection and response).
• Include an incident response retainer for proactive reviews of your environment, with support for cybersecurity incidents and threat intelligence to identify compromised user credentials on criminal forums.
• Harden the security configurations of systems, applications, and cloud services. Ensure proper role-based access, security controls, and Multi-Factor Authentication (MFA) across all platforms.
• Backup data, including offsite and separate storage, and regularly test restore capabilities. Ensure data is encrypted for added security.

In addition to having a robust response plan, every business should consider Cyber insurance. This coverage not only helps with indemnity for incurred costs, lost revenue, or third-party liabilities, but also provides access to expert breach responders who can help restore operations and protect the company’s reputation.

How we can help

Speak with one of our experts to access a complementary cyber vulnerability assessment report and to obtain a cyber quotation here.

If you’re not sure where to start when it comes to your cyber security strategy, or you would like a second opinion to ensure your data is as protected as possible, our sister company, Specialist Risk Insurance Solutions, offer a complimentary ‘KYND’ report, which will put you in contact with an expert team that will be happy to assess your risk.

Contact us

If you are interested in understanding how a Cyber policy could help protect your business and complement your business continuity planning, speak to a member of the team on 0208 236 5350.

---

Sources 

1. US Global Outsourcing Survey: us-global-outsourcing-survey-2022.pdf
2. Global Threat Intelligence Report: Global Threat Intelligence Report January-June 2024 | Mimecast