More than two in five UK businesses experienced a cyber attack or security breach in the past year, according to the latest government Cyber Security Breaches Survey, highlighting the growing scale and sophistication of online threats.
The report shows that 43% of British firms were targeted, a figure unchanged from the previous year. However, experts warn that the nature of cyber attacks is evolving rapidly, with artificial intelligence making scams more convincing and ransomware incidents increasing.
Phishing Remains Top Cyber Threat for UK Businesses
Phishing continues to dominate as the most common form of cyber attack, with 85% of affected businesses identifying fraudulent emails or fake websites as the main source of breaches.
While individual phishing attempts may appear low-impact, their volume creates significant disruption, consuming staff time and increasing the risk of more serious attacks such as fraud or data theft.
Cybersecurity professionals warn that AI tools are now enabling attackers to craft highly realistic impersonation messages, making it harder for employees to distinguish between legitimate and malicious communications.
Larger Firms Face Higher Cyber Attack Rates
The survey reveals a clear divide between smaller and larger organisations.
Micro and small businesses reported fewer phishing incidents than in previous years, helping to stabilise the overall breach rate. However, medium and large companies continue to face significantly higher risks, with 67% of medium-sized firms and 74% of large organisations reporting attacks.
Experts suggest that larger firms are more attractive targets due to their scale and resources, while also being better equipped to detect and report breaches.
Ransomware Attacks Double Across UK
One of the most significant trends identified in the report is the sharp rise in ransomware attacks.
The proportion of businesses facing ransomware demands doubled from less than 0.5% in 2024 to 1% in 2025, equating to around 19,000 companies.
Although many organisations have policies against paying ransoms, uncertainty remains, with a notable proportion of businesses unclear about their response strategy.
Financial Impact Varies Widely
While many cyber attacks result in little or no financial damage, the report highlights the potential for significant losses in more severe cases.
On average, businesses that suffered financial harm faced costs of around £3,550 per major incident, while cyber-enabled fraud cases averaged £5,900 and could reach £10,000 when minor incidents are excluded.
These figures underline the uneven but potentially severe economic impact of cyber crime on UK organisations.
Cyber Preparedness Shows Mixed Progress
The survey indicates improvements in cyber security practices among small businesses, with more firms conducting risk assessments, adopting cyber insurance and developing continuity plans.
However, progress is less consistent across other sectors, particularly among charities, where budget constraints have led to reduced investment in cyber security measures.
At the same time, senior-level engagement appears to be declining, with fewer organisations assigning board-level responsibility for cyber security than in previous years.
Awareness and Reporting Remain Key Challenges
Awareness of official cyber security guidance has fallen, with only a small proportion of businesses referencing support from bodies such as the National Cyber Security Centre.
Reporting of cyber incidents also remains limited, with many organisations choosing not to notify authorities if they perceive the breach as minor.
Experts warn that underreporting may obscure the true scale of cyber threats and hinder efforts to improve national resilience.
Growing Cyber Threat Landscape in the UK
The UK has seen a steady rise in cyber threats in recent years, driven by increased digitalisation, remote working and the growing use of cloud-based systems.
Government agencies and industry leaders have repeatedly warned that emerging technologies, particularly AI, are accelerating the sophistication of cyber attacks.
At the same time, geopolitical tensions and the activities of hostile states are contributing to a more complex threat environment.
Businesses Urged to Strengthen Cyber Defences
Officials are urging organisations to take proactive steps to improve cyber security, including staff training, stronger authentication systems and better incident response planning.
Despite the challenges, the survey suggests many businesses are able to recover quickly from attacks, with most returning to normal operations within 24 hours.
However, experts caution that the evolving nature of cyber threats means organisations must remain vigilant and continuously adapt their defences.
