UK businesses and institutions have been inundated with serious hacking attacks in 2025, with some 90% of British Universities of those sampled, and over 43% of sampled businesses experiencing at least one attack so far in the last 12 months, according to a recent government survey. This includes standout hacks like the devastating Jaguar Land Rover (JLR) breach that brought the company to a standstill, and a recent nursery chain where children's images were used as blackmail collateral.
Businesses and academic institutions have always been prime targets for hackers, but the practice has become endemic in the UK in 2025, with the vast majority of polled universities, further education colleges, and secondary schools all being hit with breach attempts over the past 12 months. In total, some 91% of universities, 85% of colleges, and 60% of secondary schools reported some form of attack in the survey.
This was followed closely by primary schools, 44% of which had come under some form of hacking attempt. UK businesses haven't been hit to the same extent, but not far off, with some 43% of survey respondents claiming they'd suffered some form of breach attempt. Over 2,000 businesses were polled for the survey. The survey polled 250 primary schools (elementary schools), 240 secondary schools (high schools), 54 colleges, and 32 universities, as well as conducting more in-depth interviews with a handful of each grade of institution. The figures broadly indicate that educational institutions seem to be targeted much more frequently than businesses overall.
Assuming that these findings can be extrapolated, it works out to over 610,000 affected businesses and 61,000 charities that were targeted over the past 12 months, according to the BBC, a not insignificant portion of the 5.5 million or so businesses registered in the UK.
The overall effect extends far beyond those hacked, though. In the case of JLR, the business itself had to shut down for weeks and seek government assistance to avoid layoffs, but that company is supplied by thousands of other smaller businesses, and all of them were similarly affected. With such a large customer for these businesses halting operations while the hack damage was mitigated, it caused a huge ripple effect through British businesses.
The question then arises as to why these hacks are increasing in frequency and severity. The BBC highlights how traditionally, these kinds of attacks tend to originate from Russia. Indeed, there is a case to be made that these hacks could be pushed by Russia as part of asymmetric warfare for its ongoing invasion of Ukraine, targeting the UK targets one of Ukraine's staunchest allies.
But more often, the hacks in 2025 seem to originate domestically, often perpetuated by British teenagers. BBC quotes cyber security expert at Royal United Services Institute, James MacColl, as saying:
"There's been a bit of a change in the last couple of years where English-speaking, mostly teenage hackers have been leasing or renting ransomware from those Russian-speaking cyber criminals, and then using it to disrupt and extort from the businesses they've gained access to."
"And those English-speaking criminals do tend to focus on quite high-profile victims, because they're not just financially motivated: they want to demonstrate their skill and get kudos within this quite nasty sort of hacking ecosystem that we have."
The government survey is one of the ways in which it tries to encourage better digital security practices. As part of the survey, it highlighted that not all schools, universities, or businesses have up-to-date cybersecurity protocols and procedures in place. Having one in place doesn't prevent hacks in their entirety, but it can help prevent an institution from being the lowest-hanging fruit.
Follow Tom's Hardware on Google News, or add us as a preferred source, to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button!
