Cybercrime in 2025

Cybercrime in 2025: How the Threat Has Evolved Since 2012

Back in 2012, I recorded a video about cybercrime and its impact on UK businesses. Fast forward to 2025, and the threat landscape has changed beyond recognition.

While the core message remains, staff training and awareness are crucial; the scale, sophistication, and consequences of cybercrime have grown exponentially. Here’s an updated look at what’s changed, what’s stayed the same, and what every business owner needs to know.

The Cost of Cybercrime: 2024 in Numbers

While the most recent official statistics are from 2024, this article reflects the state of cybercrime and best practices as we enter 2025.

  • Half of UK businesses (50%) and a third of charities (32%) reported a cyber breach or attack in the past year. For medium-sized businesses, this rises to 70%, and for large businesses, it is 74%. [www.gov.uk]
  • Phishing remains the top threat, affecting 84% of businesses that have been breached. [www.gov.uk]
  • Average cost of the most disruptive breach: £1,205 for businesses of any size, but £10,830 for medium and large businesses. [www.gov.uk]
  • Ransomware attacks reached record levels in 2024, with data exfiltration (theft) involved in 94% of cases. [www.silicon.co.uk]
  • Supply chain attacks have doubled in the last year, with 30% of all cyberattacks now originating via third-party suppliers. [www.ft.com]

“Cybercrime affects over 39% of businesses monthly, illustrating the critical need for effective cyber defence mechanisms.”
- 127 Media, How Can My Business Improve Cyber Security?

The Human Factor: Still the Weakest Link

  • Phishing attacks are more sophisticated than ever, with 32% of phishing emails now generated by AI.
  • Attackers use social media and public data to impersonate colleagues, suppliers, or even customers, making scams highly convincing.
  • Real-world example: In April 2025, Marks & Spencer suffered a major cyberattack after a third-party contractor was compromised, disrupting online shopping and incurring an estimated £300 million in costs.

Supply Chain Attacks: The Modern Delivery Scam

  • Jaguar Land Rover (JLR) was hit by a cyberattack in August 2025, halting production for weeks and costing an estimated £50 million per week. The attack’s impact rippled through the supply chain, threatening thousands of jobs and forcing the government to step in with a £1.5 billion loan guarantee. 
  • 30% of cyberattacks in 2024 originated via third-party suppliers, double the previous year.
  • Financial services: 58% of large UK financial firms suffered at least one supply chain attack in 2024.

Ransomware and Emerging Threats

  • Ransomware remains a dominant threat. While the number of attacks fluctuates, the tactics are evolving, with double extortion (threatening to leak data) now common. 
  • Manufacturing, finance, and healthcare are the most targeted sectors in the UK. 
  • AI in cybercrime: Attackers use AI to automate phishing, develop new malware, and even create deepfakes for social engineering.

Modern Security Strategies: What Works in 2025

  1. Zero Trust Model
    Never trust, always verify. Every user and device must be authenticated, even inside your network.
  2. Multi-Factor Authentication (MFA)
    Passwords alone are no longer enough. MFA is essential for all accounts, yet adoption remains inconsistent.
  3. Regular Cybersecurity Risk Assessments
    Only 31% of UK businesses conduct regular risk assessments, leaving many vulnerable to potential risks.
  4. Incident Response Planning
    Have a formal, tested plan for cyber incidents, including regular data backups and clear communication protocols.
  5. Cyber Insurance
    The cost of an attack can be crippling. Cyber insurance can help a business recover more quickly.
  6. Continuous Training
    One-off training sessions are not enough. Staff training should be ongoing, interactive, and regularly updated to reflect new scam tactics and evolving threats.

Support and Resources

 

Key 2024 UK Cybercrime Statistics

Metric
Latest Value/Trend (2024)
Source

% of UK businesses breached

50% (70% medium, 74% large)

Most common attack type

Phishing (84% of breaches) 

Average cost per breach (medium biz)

£10,830 

Ransomware prevalence

 Record levels, 94% involve data exfiltration

Supply chain attack frequency 

Doubled in 2024; 30% of attacks via third parties

FT

MFA adoption 

Still lagging; strong passwords and MFA essential

Final Thoughts

Cybercrime is now a persistent and evolving threat. While technology and tactics have changed since 2012, the most effective defences remain a combination of robust technical controls and well-trained, vigilant staff. By adopting a Zero Trust mindset, implementing MFA, conducting regular risk assessments, and investing in continuous training, businesses can significantly reduce their risk.

For further guidance, consult the NCSC and NWCRC, and consider Cyber Essentials certification to demonstrate your commitment to security.

If you need help with any aspect of your digital security, contact 127 Media for expert advice and support.

I hope you enjoyed todays blog post “Cybercrime in 2025: How the Threat Has Evolved Since 2012” and found the topic interesting.

If you liked it, please go and give it a like and share on LinkedIn.

At 127 Media, we’re proud of our track record – backed by our five-star reviews on Facebook and Google. Our strength lies in delivering a personal service that fosters trust.

If you’re ready for a partnership built on dedication and results, call +44 01704 332127 or email info@127media.com.

Thanks for stopping by.

Until next time.

Gary