Cyber threats every business needs to know about in 2025

1. AI-powered phishing and social engineering

AI is changing the cybercrime game. Attackers are now using AI to write personalised phishing emails and messages that mimic trusted contacts or executives. These hyper-targeted scams are difficult to detect and can trick even vigilant employees into sharing credentials or transferring funds.

The rise of groups like Scattered Spider, a collective of English-speaking hackers using social engineering and SIM swapping, has shown how effective these tactics can be.

Recent attacks on major retailers, including Marks & Spencer and Adidas, have highlighted the devastating financial and reputational impact of such breaches.

Mitigation tips:

• Implement multi-factor authentication (MFA) for all employees across all business systems.
• Regularly train staff to recognise phishing attempts and verify unusual requests.
• Deploy AI-based email filtering and behavioural analytics tools.

---

We spoke to Jeff Le, the Managing Principle at 100 Mile Strategies and expert in AI, cyber security, and emerging technology. In relation to the recent bout of large retailer cyber attacks, he explained that “Retail and logistics are clearly soft targets with little resistance. They are data rich and cyber poor, and consumer data, especially sensitive financial information, is a major threat of privacy and security.

Organizations should have a clear process that adheres to the data breach laws of note, while also providing meaningful steps to support impacted customers and partners. The amount of profit losses announced by M&S just highlight how these economic hits continue well beyond the initial wave of attack and data breach.”

---

2. Supply chain attacks

As businesses increasingly rely on third-party vendors and cloud services, supply chain attacks have surged. Cybercriminals target less-secure partners to infiltrate larger organisations. The World Economic Forum reports that 45% of organisations expect to face significant cyber-attacks on their supply chains by this year; and this report was written months before the recent wave of high profile attacks.

3. Ransomware-as-a-Service (RaaS) and data extortion

Ransomware attacks have evolved into a service model, enabling even low-skilled hackers to launch devastating attacks. Groups like LockBit offer RaaS platforms, allowing affiliates to deploy ransomware and share in the profits.

These attacks often involve not just data encryption but also threats to leak sensitive information, increasing pressure on victims to pay ransoms.

Mitigation tips:

• Maintain regular, secure backups of critical data.
• Implement endpoint protection and intrusion detection systems.
• Develop and regularly update an incident response plan.

4. Deepfake technology

Deepfake audio and video are emerging as powerful tools for cybercriminals. These convincing forgeries can be used to impersonate executives, authorise fraudulent transactions or spread disinformation. According to Pinar Alpay, "three years ago, deepfake attacks were only 0.1% of all fraud attempts we detected, but today, they represent around 6.5%, or 1 in 15 cases. This represents an increase of 2137% in the last three years.”

As deepfake technology becomes more accessible, businesses must be vigilant against this sophisticated form of social engineering.

5. Insider threats and human error

Despite technological advancements, human error remains a leading cause of data breaches. Insider threats, whether malicious or accidental, pose significant risks. A large proportion of data breaches are due to human error. According to InfoSecurity magazine, human error contributed to 95% of data breaches in 2024.

The M&S incident, where attackers deceived IT staff into resetting passwords, highlights the vulnerability of human factors in cybersecurity.

Mitigation tips:

• Implement strict access controls and the principle of least privilege.
• Conduct regular security awareness training for all employees.
• Monitor user activity for unusual behaviour.

6. Regulatory compliance: navigating new requirements

The UK's proposed Cyber Security and Resilience Bill aims to strengthen national cyber defences by expanding regulatory requirements for businesses. The legislation will introduce mandatory compliance with established cybersecurity standards and practices to ensure essential cyber safety measures are being implemented.

Organisations will need to demonstrate adherence to these standards through regular audits and reporting.

7. Cloud security challenges

The widespread adoption of cloud services introduces new cybersecurity challenges. Misconfigurations, weak credentials and lack of visibility can expose sensitive data to threats.

According to CrowdStrike’s 2024 Global Threat Report, a 75% increase in cloud intrusions was observed during 2023, mostly rooted in weak credentials and misconfigurations.

Mitigation tips:

• Implement strong authentication and encryption for cloud services.
• Regularly audit cloud configurations and access permissions.
• Use cloud security posture management tools to detect and remediate vulnerabilities.

Final thoughts: How can businesses prepare for cyber threats in 2025?

Cyber threats in 2025 are more sophisticated and pervasive than ever. Only if businesses understand the exact nature and cause of certain risks can they be prepared to protect themselves. 

Investing in cybersecurity is not just a defensive strategy, it’s a commitment to the trust and confidence of customers, investors and partners.

The most important thing you can do as a business when it comes to cyber security preparedness is to invest in the cyber literacy and awareness of your employees. To learn more abut this, you can visit our dedicated pages on cyber security courses.