Ransomware attacks targeting U.K. organizations have significantly risen in the past year, according to the British government. Despite the increase, the report highlights a low rate of reporting by victims, which complicates understanding the full extent of the threat. A recent survey, covering 2,180 businesses, 1,081 charities, and 574 educational institutions, revealed that the total number of cyberattacks decreased. However, ransomware incidents increased notably between 2024 and 2025, marking a significant rise in the overall threat landscape.
The report estimated that ransomware crimes now affect approximately 1% of businesses in the U.K., with around 19,000 businesses expected to be impacted in 2025. High-profile attacks, such as the ransomware attack on a National Health Service hospital in Northwest England in November 2024, disrupted operations significantly. Another attack on an IT vendor caused blood shortages in hospitals across the country.
These incidents underscore the growing danger posed by ransomware to critical public services and healthcare.
According to the government’s findings, 4% of large businesses and 3% of medium-sized businesses paid ransoms following attacks. However, the overall reporting of cyberattacks remains low, with only one-third of organizations having guidelines for reporting breaches. While U.K. laws currently require businesses to disclose incidents within 72 hours if personal data is exposed, many ransomware attacks go unreported, creating challenges in accurately assessing the scale of the problem. This lack of transparency complicates efforts to combat the rising cyber threat.
To address this, the U.K. government has proposed new measures, including a potential ban on ransom payments by public sector organizations and mandatory incident reporting. The proposed regulations, likely to be part of the Cyber Security and Resilience Bill, would require government bodies and critical infrastructure operators to report ransomware incidents within 72 hours. These initiatives aim to improve transparency, strengthen defenses, and mitigate the impact of ransomware on the nation’s public and private sectors.
Reference: