The Growing Ransomware Crisis

Uploaded on 2025-05-14 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The recent cyber attacks aimed at Marks & Spencer, the Co-op and Harrods have been in the news, but this is not just an issue for retailers, as hackers strike almost any firm, in any line of business, at any time and anywhere in the world. 

The reality for business leaders, and for investors, is that the risk is practically universal. FTSE 100 CEOs and entrepreneurs running small firms are living in fear that they will be next.

Cyber attacks have cost UK companies £44 billion in lost revenue over the past five years and have affected around 52% of firms. 

Some have called in former hostage negotiators, skilled in dealing with blackmailers and terrorists. Others have claimed on their insurance policies to pay ransom demands, fuelling concerns that the very existence of such cover encourages the criminal gangs. It seems that persistent criminals have no difficulty to find a way in through gaps in a company's cyber defences, such as the IT systems and serviced from a supplier. 

A hacking gang known as Scattered Spider has been attributed  responsibility for the attacks on Marks & Spencer  (M&S), Co-op and Harrods. The criminals that were involved launched the devastating assault over the Easter bank holiday, with serious and ongoing consequences for M&S. Senior management at M&S were reluctant to pay a ransom, as and when demands were made. Typically, this happens via the Dark Web and hackers demand payment in crypto currency. 

Experts have suggested that M&S exploit, now in its third week, is a classic 'ransomware' attack, where data systems are infiltrated, disabled and only unfrozen when a ransom is paid.

Customers have been unable to place orders via its website and app, warehouse staff have been sent home and the retailer's popular click-and-collect service remains suspended, though contactless payments in store have been restored. Even recruitment has been paused as fears grow that the cyber crisis could take months to resolve.
There are concerns that working from home could be a risk factor. According to M&S's latest annual report: 'The sophistication and frequency of cyber-attacks continue to increase' as the company operates 'a hybrid work model'.

Outsourcing IT by using contractors is also an issue. 'Our reliance on key third parties for selected services and/or hosting of data also exposes us to risks from vulnerabilities in their cyber and data controls.' M&S said in a statement.

  • The Co-op has admitted that hackers had been able to access a 'significant number' of its customers' personal data, including names and addresses, but not passwords or financial information such as credit card details of its 6.2 million members.
  • In November last year Co-op's rival Morrisons was hit by hackers who targeted its warehouse technology supplier Blue Yonder
  • The NHS, the Guardian newspaper and the British Library have also been subject to ransomware attacks, causing serious short-term disruption to their systems. In some cases, the damage is fatal.
  • Foreign exchange firm Travelex collapsed six months after a ransomware attack at the end of 2019. Administrators cited the incident as a key factor.

A recent British Government Report says that, 'For the serious and organised crime gangs behind the global fraud industry, ransomware is an increasingly lucrative part of their operations.' Ransomware attacks on UK firms 'significantly increased between 2024 and 2025', the report concludes, with an estimated 19,000 companies falling victim to a ransomware attack over that period. 

The UK National Cyber Security Centre (NCSC) reports that  76 per cent of UK businesses experienced a cyber security incident in the past year. Most were from lower-level 'phishing' attacks, where fake emails or websites are used to gain access to a user's password or credit card details to steal money.

The impact of ransomware attacks can be devastating and only 4% of organisations that pay-up recover all their data, and many take months to recover. The damaging consequence of an attack include:-

  • Financial Losses: Ransom demands can range from tens of thousands to millions of dollars or pounds. Even if the ransom is paid, the cost of recovery and disruption can be significant. 
  • Operational Disruptions: Ransomware can render systems unusable, leading to downtime and delays in business operations. 
  • Reputational Damage: A successful ransomware attack can damage a company's reputation and erode customer trust. 
  • Data Breaches: Ransomware attacks can expose sensitive data, leading to legal and financial liabilities. 

A critical question is whether companies are employing enough C level executives with sufficient expertise in cyber resilience field. The problem is that, however hard a business tries to secure its systems, it has to be watertight all of the time, whereas the hackers need only be lucky once.

Illumino  |    ThisIsMoney  |   CheckPoint  |    Gov.UK  |   N2W   |    ITPro

Image: Torsten Asmus

You Might Also Read: 

How Companies Can Manage Third-Party Vendor Risk:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 




 

« Cyber Attacks Are Threatening The Survival Of Small Business
Evolving The CISO Role »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

Concise Technologies

Concise Technologies

Concise Technologies provide specialist IT and telecoms solutions, support services, managed backup, disaster recovery, cyber security and consultancy to SME businesses across the UK and Europe.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

Coro Cybersecurity

Coro Cybersecurity

Coro (formerly Coronet) empowers organizations to protect against malware, ransomware, phishing, and botnets - across devices, users, and cloud applications.

Thinkst Applied Research

Thinkst Applied Research

Thinkst is an Applied Research company with a deep focus on information security.

NLnet Labs

NLnet Labs

NLnet Labs is a not-for-profit foundation with a long heritage in research and development, Internet architecture and governance, as well as security in the area of DNS and inter-domain routing.

CYQUEO

CYQUEO

CYQUEO is your professional partner and system integrator. We secure your organization against advanced cyber threats.

Exponential-e

Exponential-e

Exponential-e provide Cloud and Unified Communications services and world-class Managed IT Services including Cybersecurity.

Palmchip

Palmchip

Palmchip is a Cyber Security, SOC and Software consulting company. We design and develop high performance and secure applications.

Enzen

Enzen

Enzen is a global knowledge practice that provides consulting, technology, engineering, operating and innovation services to the energy and utility sectors.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.

BluSapphire

BluSapphire

BluSapphire is an industry-first, purpose-built, cloud-native, Hybrid XDR platform powered by AI and big data analytics.

Cypfer

Cypfer

CYPFER is a global market leader in ransomware post-breach remediation and cyber-attack first response.

DART Consulting & Training

DART Consulting & Training

DART is a leading cyber training and consultancy company. We enhance our clients’ cyber capabilities by growing and strengthening their frontline defense – the cyber teams.

Clarity

Clarity

Clarity is an AI cybersecurity startup that protects against deepfakes and new social engineering and phishing attack vectors accelerated by the rapid adoption of Generative AI.