Ransomware’s Evolving Playbook
Ransomware attacks became more targeted, with groups going after backups, threatening data leaks, and using AI to craft convincing phishing emails.
As 2025 comes to a close, we’re looking back at some of the most impactful cyber threats of the year and more importantly, what they reveal about the challenges ahead. From ransomware tactics to AI-driven phishing and risky app integrations, this round-up highlights where businesses have been most vulnerable and how you can strengthen your defences in 2026.
Ransomware attacks became more targeted, with groups going after backups, threatening data leaks, and using AI to craft convincing phishing emails.
Store backups off-network, use phishing-resistant MFA, and revisit your incident response plan.
Multi-Factor Authentication (MFA) remained a must—but poor setups and “MFA fatigue” left many organisations vulnerable.
Switch to number-matching or hardware-based MFA, and monitor authentication logs for suspicious behaviour.
SaaS tools, browser extensions, and file-sharing platforms were quietly adopted by users, expanding the attack surface without IT knowing.
Audit third-party app permissions and apply conditional access to restrict unsanctioned tools.
Vendors lacking basic security protocols or Cyber Essentials certification introduced risk into core systems.
Require suppliers to meet baseline standards and build supply chain security into your strategy.
Old admin accounts and forgotten guest logins opened doors for attackers in multiple breaches this year.
Run regular access reviews and automate account deactivation for leavers and expired roles.
Use the final weeks of 2025 to get a head start:
Reduce downtime and improve service efficiency with AI-powered troubleshooting. Learn how service teams use ilean to solve problems faster and capture knowledge.
Cybersecurity risks are not always caused by sophisticated attacks or major system failures. In many cases, risk builds quietly through everyday habits, overlooked processes, and limited visibility into where data is stored or how users interact with systems.
Learn how to reduce cyber risk through stronger security foundations. This month's bulletin covers home office security, legacy technology risks, vulnerability management, MFA, and cybersecurity best practices.