UK Firms Hit by Cyber-Attacks 4x Faster Than Global Average
▼ Summary
– UK organizations experienced far fewer cyber-attacks than the global average in February, but the year-on-year increase in attacks was 36%, nearly four times the global growth rate.
– The most frequently targeted sectors in the UK included education, energy & utilities, government, healthcare, and financial services.
– Ransomware remains a major threat, with 49 discrete groups active; the UK ranked third globally for corporate ransomware victims in the reported month.
– Widespread use of generative AI tools in corporate environments is creating significant data exposure risks, with many tools unmanaged by IT and lacking governance policies.
– Despite regional variations in attack volumes, cyber risk is a persistent threat requiring prevention-first, real-time protection strategies.
While the United Kingdom experienced a significantly lower volume of cyber-attacks in February compared to the worldwide average, the rate of increase was alarmingly higher. The year-on-year growth in attacks targeting UK organizations was nearly four times the global rate, according to a leading security firm’s latest threat intelligence. Globally, companies faced an average of over two thousand attacks per week, marking a 9.8% increase. In contrast, UK firms encountered roughly 1,500 weekly attacks, but this figure represented a sharp 36% surge from the previous year.
Sectors including education, government, healthcare, and financial services found themselves among the most heavily targeted within the UK. Security experts note that pinpointing a single cause for this spike is challenging. One explanation points to a broader trend where regions like Europe and North America, which historically saw lower attack numbers, are now experiencing a convergence with global averages. Additionally, short-term, large-scale criminal campaigns can cause significant fluctuations in regional data.
The persistent threat of ransomware remains a top concern. Last month, while the majority of corporate ransomware victims were based in the United States, the UK ranked third globally. Dozens of active ransomware groups were identified, with a few major players responsible for a large share of the incidents. Despite the concerning growth rate, the UK’s overall attack volume remains favorable when compared to regions like Latin America and Asia-Pacific, which recorded figures more than double the UK’s count.
A separate but equally pressing risk stems from the corporate adoption of generative AI tools. Widespread use is creating new avenues for accidental data exposure. Research indicates that a high percentage of organizations using these tools regularly encounter prompts that could lead to data leaks. A significant portion of these prompts contained sensitive information such as login credentials, customer details, and intellectual property.
The problem is exacerbated by the fact that the average organization uses numerous different AI applications, many of which likely operate without proper IT oversight or governance policies. With employees generating dozens of prompts each month, the potential for a costly mistake grows steadily. Compounding these risks, studies show a notable number of employees use AI tools developed in jurisdictions with different data privacy laws, potentially exposing information to foreign authorities. Some of these tools have also demonstrated vulnerabilities to manipulation and can produce unreliable or insecure outputs.
Security leaders emphasize that cyber risk must be viewed as a constant, evolving challenge. Even when ransomware activity ebbs and flows, attackers maintain relentless pressure across all industries. Concurrently, the unmanaged use of advanced technologies like generative AI introduces fresh vulnerabilities. Experts advocate for a proactive security stance, prioritizing real-time, AI-powered protection designed to neutralize threats before they can disrupt operations or inflict financial harm.
(Source: InfoSecurity Magazine)
