Cyber Security is something we have all heard of, but it has been flung into the mainstream media of late with the attacks on the retail giant M&S and Co-Op and even Harrods.
Even in America, the NSA data centre receives between 25,000 to 80,000 attacks each day.
Since the early days of the internet, cyber security has been a growing topic, but it seems more important now, since we have moved into the digital world.
For most of us, the fear is our banking, since high street banks are becoming a thing of the past and most of us now access our banks via a smart phone.
Internet banking can trace its roots back to 1982 with Nottingham Building Society launching its Homelink service, but for most of us today, all our banking is online.
Since almost every business in the UK has a website, cyber security is very much danger, but the risks seem higher for certain business sectors, and even certain businesses.
What is cyber crime?
Cyber crime is the criminal act of breaching a companies or organisations computer networks. This could include hacking, phishing, identity theft, ransomware and malware infections.
The recent attacks on Harrods, M&S and the Co-op were all carried out by the same criminal group which was based on ransomware (paying money in order to be released from the threat).
Cyber crime has evolved over the years, from phishing emails requesting you help transfer millions of pounds from an African prince, to the latest malware that breaches a network.
Here are the top ten industries in the UK that are sufferance cyber security risks in 2025:
1. Government agencies, defence and national security.
As in America, the heart of our society is the civil services, HMRC (His Majesties Revenue And Customs, Ministry of Defence, GCHQ, MI5 & MI6.
Key threats include espionage (stealing of sensitive data) and DDoS attacks, to overwhelm systems and/or disrupt services.
2. Energy and utilities.
The energy and utilities is the backbone of our society and plays a critical part in the running of UK society.
Key threats include causing system overload and outages as well as crashing websites and power grids.
3. Public and private healthcare.
With over 68 million people in the UK, the healthcare sector is one of the fastest growing industries in the UK. The NHS is the UK’s largest employer with over 1.5 million staff.
Key threats include data protection.
4. The manufacturing industry.
Manufacturing is a global trade, and despite the industry shrinking in the UK, the sector still contributes over £200 billion to the economy.
Key threats include ransomware, the leak of intellectual property and disrupting supply chains.
5. The financial sector.
The UK is still a hub in the global financial sector, contributing around 10% to the UK economy with its heart in the City of London. Since the financial industry is now digital, this is a high risk sector.
Key threats include crashing of the stock market, banks and building society websites, data leakage and cryptocurrency exploits.
6. Professional services.
Private companies such as accountants and solicitors have all seen increased cyber attacks in the last few years.
Key threats include ransomware, website downtime and data leaks.
7. Technology services.
Technology companies such as IT services, hardware and software companies all are at risk to cyber security, in particular with updates exposing areas of vulnerability.
Key threats include data breaches and ransomware as well as website downtime.
8. Retail sector.
We have seen from the past couple of weeks in April 2025, the UK retail industry is a lucrative target for cybercriminals. Since online payments, contactless payments are preferred to cash, vulnerabilities are hunted down and exploited.
Key threats are POS (point of sale terminals), websites and data breaches.
9. Education sector.
Schools, colleges, universities are targeted in order to disrupt day to day operations and also to obtain data.
Key threats include disrupting online learning platforms, school and university websites as well as harvesting student data.
10. Small businesses (SME companies).
With millions of SME companies around, many have lack of experience when it comes to cyber security, and do not have the budgets in order to adequately protect themselves.
Key threats include phishing (harvesting data), system downtime, website downtime and ransomware.
The Home Office has more information about cyber security breaches carried out each year if you follow this link.
How is cybercrime carried out?
‘The dark web’ plays an important roll for cyber criminals, which is an area of the internet that is not monitored by the leading search engines such as Google and Bing.
The main web browser that is used to access ‘the dark web’ is Tor Browser (or Tor Project), which anonymises website traffic rather than using ‘cookies’ and tracking IP activity.
Cyber crime is carried out by a wide range of individuals and groups, including skilled hackers, organised crime, state sponsored cyber attacks and would be hackers that hold a grudge against a business.
How to protect my business against cyber crime?
The main companies that are targeted by cyber crime are large businesses, financial institutions, government & councils, as well as hubs such as the police, the NHS and infrastructure.
Many larger companies have IT departments that are running 24/7 managed IT support services to keep their systems safe, but as we have seen, cyber criminals are always one step ahead.
Most IT companies incorporate cyber security to smaller companies they manage, both for websites and software systems.
SME’s are targeted by bots rather than cyber terrorists, but the dangers are ever present.
