LONDON: Cyberattacks came to prominence in 2025 with a handful of major incidents that cost big British businesses dearly.

Jaguar Land Rover, Marks & Spencer and Harrods were some of the biggest firms to be targeted this year.

The scale of the incidents and their effect on the businesses, their staff and customers and the wider economy also highlighted that firms of all sizes can be vulnerable to attacks.

Andrew Bailey, governor of the Bank of England, said he thought cyberattacks were one of the biggest threats to UK financial stability and it was "critically important” to work together to guard against them.

Mike Maddison, chief executive of cybersecurity company NCC Group, said 2025 has "served as a tipping point.”

"Cyberattacks are far from new, but 2025 has shown just how deeply cyberrisk is intertwined with economic stability and business continuity,” he said.

Data from NCC shows that global ransomware attacks broke records in January and February, with 590 and 886 respectively.

Ransomware refers to software used by cybercriminals to access the computer systems of their victims, which can then be encrypted or data stolen until a ransom is paid.

A survey conducted by insurer Hiscox earlier this year found that 59% of small to medium businesses had experienced a cyberattack over the past 12 months, and 27% faced a ransomware attack.

For those companies that paid a ransom, 60% recovered some or all of their data, while 31% said attackers demanded more money, according to the survey of 5,750 respondents around the world.

Furthermore, UK cyberagency the National Cyber Security Centre said it handled 204 "nationally significant” cyberattacks in the year to September – up sharply from 89 the previous year.

"Compared to previous years, these attacks have been more far-reaching and costly, reaffirming that cybersecurity is no longer just an IT concern,” Maddison said.

"CEOs and government leaders should now be acutely aware that cyberresilience is fundamental to the UK’s long-term growth and resilience.”

Thought to be the biggest and most high-profile cyberattack in the UK this year was on British carmaker Jaguar Land Rover (JLR).

JLR stopped production across its UK factories for five weeks from September 1 after being targeted by hackers a day earlier.

The impact was severe and wide-reaching, with the company’s revenues plunging by more than £1bil (US$1.35bil/RM5.47bil) for the quarter to September and it sinking to a heavy loss as a result of the disruption.

Crucially, the shutdown was also behind slowing car production and therefore cited as a key reason for the UK economy contracting in September and October.

Experts from non-profit organisation the Cyber Monitoring Centre estimated that the incident cost the country around £1.9bil (RM10.40bil) and was the most "financially damaging cyberevent ever to hit the UK.”

A major hack on food, fashion and homeware retailer Marks & Spencer had huge ramifications for the company and exposed the threat of hackers taking the data of customers of a big household brand.

The retailer was forced to stop all online orders for around six weeks and suffered empty shelves due to disruption to its logistics systems after being targeted around the Easter weekend.

It said the hack cost it £324mil (RM1.77bil) in lost sales – but it was able to recover £100mil (RM547.3mil) of that through an insurance payout.

Customer personal data – which could have included names, email addresses, postal addresses and dates of birth – was also taken by hackers.

M&S was not the only retailer to be targeted in 2025, with luxury department store Harrods and supermarket group Co-op among those also being hit by damaging cyberattacks.

The boss of Co-op confirmed that all 6.5 million of its members had their data stolen.

Maddison said that 2025 "should be seen as a clear warning, not a one-off peak” with cybercriminals increasingly using artificial intelligence for phishing attempts and spotting vulnerabilities in a company’s systems.

"Supply chains will remain prime targets, as their complexity means disruption can spread quickly across sectors, intensifying the pressure to pay ransoms.”

"At the same time, cybermaturity is improving,” he added.

"Boards increasingly recognise that true cyberresilience goes beyond prevention and detection.”

The government is developing a Cybersecurity and Resilience Bill which is set to give regulators the power to fine companies if they fail to comply with cybersecurity rules.

New proposals introduced by the Home Office will mean businesses will have to notify the government if they plan on paying a ransom to cybercriminals, and will also ban public sector bodies and operators of critical national infrastructure from paying ransom demands. – dpa