Cyberattacks are rising fast. Big names like Marks & Spencer, Co-op, and Harrods have all been hit this year. But it’s not just the big players. Small and medium-sized businesses (SMBs) are being targeted, and most aren’t ready.
This article shows you what threats are out there, why many businesses still are not protected, and what you can do to stay safe. If you are short on time, download our free infographic or book a quick chat with us to get started.
The Threats Are Real, And Growing
Cyber criminals are getting smarter. They’re using AI to write phishing emails, tricking staff, and breaking into systems through suppliers. Here are just a few recent examples:
- Marks & Spencer was hit by a ransomware attack in April 2025. Hackers got in through a third-party IT contractor. The result? 46 days of online outages, stolen customer data, and a £300 million profit warning.
- Co-op had its tills go down in May 2025. Stores couldn’t take payments. Stock deliveries failed.
- Harrods and other retailers were also targeted in a wave of ransomware attacks by a group called DragonForce.
- Mailchimp and HubSpot were breached, too. Hackers used stolen credentials to send fake emails and steal more data.
These aren’t just IT problems. They’re business problems.
SMBs Are Easy Targets
You might think your business is too small to be a target. That’s not true.
- 81% of cyber-attacked businesses in the UK are SMBs.
- Only 22% of UK businesses have a formal cyber incident plan.
- Just 31% of businesses and 26% of charities ran a cyber risk assessment in 2024.
- 97% of attacks could have been stopped with basic cybersecurity tools.
What the Numbers Say
According to official UK statistics published in June 2025, SMBs are increasingly recognising the importance of cybersecurity, with most considering it a high priority. Many are improving their cyber hygiene by adopting formal policies, conducting risk assessments, and securing cyber insurance. Medium-sized businesses tend to be more advanced in their preparedness, with over half having formal cybersecurity strategies and incident response plans. However, smaller firms are catching up, showing year-on-year improvements in planning and awareness.
Supply Chain Risks
Despite these gains, SMBs still face challenges. Advanced technical controls, such as two-factor authentication and VPNs, are not widely adopted, and staff training remains limited. One key area of concern is supply chain risk, which refers to the potential vulnerabilities introduced by third-party suppliers or service providers who have access to a business’s systems or data. If these suppliers are not secure, they can become entry points for cyberattacks. Nevertheless, only a minority of SMBs actively assess these risks, leaving a critical gap in their overall cyber resilience.
The Threat Landscape
Phishing remains the most common and disruptive cyber threat facing UK SMBs. However, ransomware attacks have doubled, and while breach rates have slightly declined for small firms, medium-sized businesses continue to experience frequent and financially damaging incidents.
Simple Steps to Stay Safe
You don’t need a huge budget to protect your business. Start with the basics:
- Cybersecurity Health Check – Find your weak spots before hackers do.
- Staff Training – Teach your team how to spot phishing and scams.
- Multi-Factor Authentication (MFA) – Add an extra layer of login security.
- Regular Backups – So you can recover quickly if hit by ransomware.
- Endpoint Protection – Keep all devices protected with antivirus and anti-malware.
- Incident Response Plan – Know what to do if something goes wrong.
These steps will help protect your data. They will also help protect your reputation, your customers, and your bottom line.
Why Work with a Managed IT Provider Like Modern Networks?
Hiring your own IT team is expensive. Doing nothing is risky. A managed IT service provider gives you expert help at a fraction of the cost.
Modern Networks can:
- Monitor your systems 24/7
- Keep your software and security up to date
- Train your staff
- Respond fast if something goes wrong
- Help you meet compliance requirements
It’s simple, affordable, and gives you peace of mind.
Take Action Now
Don’t wait for a cyber-attack to strike. Take your first steps today:
👉 Download our free infographic (no form filling required) to learn more about the threats and how to protect your business.
👉 Download the NCSC Small Business Guide to Cyber Security
👉 Request a quote or ask about a cybersecurity assessment with one of our experts.
Reference:
Cyber Security Breaches Survey, June 2025