UK IT Channel News | IT Channel Oxygen
  • News
  • Topics
    • Vendor
    • Distributor
    • Partner
    • Indepth
    • Sustainability
    • M&A
    • People Moves
    • AI
    • Tech trends
  • Sustainability
  • About Us
  • Partner with us
Members
Must-Know Distributors
Oxygen 250
No Result
View All Result
  • News
  • Topics
    • Vendor
    • Distributor
    • Partner
    • Indepth
    • Sustainability
    • M&A
    • People Moves
    • AI
    • Tech trends
  • Sustainability
  • About Us
  • Partner with us
No Result
View All Result
UK IT Channel News | IT Channel Oxygen
No Result
View All Result
Home Cybersecurity

14 most significant cyber-attacks of 2025 so far – with a twist…

The twist being that our rundown is based entirely on the views of 12 partner leaders

Oxygen staff by Oxygen staff
30 June 2025
in Cybersecurity, Indepth, News, Partner
14 most significant cyber-attacks of 2025 so far – with a twist…
Share on LinkedinShare on Twitter

4. Scattered Spider retail attacks

When: April-May

What happened?

Everyone’s favourite arachnid-themed hacking group dominates this rundown.

As well as being behind three major retail attacks featured, the cybercriminal community itself was also nominated by four panellists who felt unable to specify an individual incident.

Who nominated it, and why?

Juliette Hudson, Cybaverse
Juliette Hudson, Cybaverse

Cybaverse CTO Juliette Hudson, CyXcel Co-founder and COO Jano Bermudes, Bridewell Cyber Threat Intelligence Principal Lead Gavin Knapp and Quorum Cyber CEO/Chief Threat Officer pairing Federico Charosky and Paul Caiazzo all put Scattered Spider on their hitlists.

Invited to justify her choice, Hudson claimed that the group’s native English-speaking background makes them unique.

“Scattered Spider’s advanced social engineering, leveraging native English-speaking hackers to exploit IT help desks via phishing and MFA fatigue, showcased their audacity,” she said.

“Their decentralised structure, using platforms like Discord, makes them hard to stop, even after arrests like Tyler Buchanan’s in 2024. Targeting iconic UK retailers and boasting to the BBC amplified their notoriety.”

“These attacks displayed the consequences a cyber-attack can have on real people in the real world, and also the resilience and preparedness organisations across sectors and regions need to build and maintain to withstand a focused adversary,” Quorum Cyber’s Federico Charosky and Paul Caiazzo stated.

“And Scattered Spider is still around – they’ve just shifted their victimology from retail and hospitality to insurance. Be prepared.”

Channel takeaway:

Bridewell’s Knapp said he took several learnings away from this spate of attacks.

“The social engineering approaches used by the group to target/impersonate helpdesk and obtain privileged user accounts were very effective,” he said.

“The reports also suggest that compromised third-party accounts may have also been used in the attack, outlining the importance of robust identity-based processes and controls are in place including phishing resistant MFA, and well rehearsed and security tested processes for resetting passwords or MFA.”

Despite the eye-watering losses it sustained via this attack, M&S “stands out for the transparency with which they handled the incident”, Quorum Cyber’s Federico Charosky and Paul Caiazzo said, meanwhile.

“By sharing their experience, other organisations can be better prepared to withstand similar attacks,” they said.

Three cyber-attacks were considered more significant by our leadership panel. See next page for more…

Page 12 of 15
Prev1...111213...15Next
Tags: BridewellChorus ITComputacenterCybaVerseCyberfortCyXcelfeaturedmemberNGSPerformantaQuorum CyberRed HelixSapphireSeconTrending
Previous Post

A new ‘global standard’ for ISVs seeking Microsoft Marketplace success?

Next Post

‘A whirlwind’ – Wiz ‘well on way’ to 100% channel

Related Posts

Focus Group
Business

Focus Group’s 2024 revenues nudge £250m amid 15 acquisitions

21 July 2025
Ingram Micro’s Xvantage platform ‘like Netflix’, exec claims as he credits it with ‘fast’ ransomware recovery
Distributor

Ingram Micro’s Xvantage platform ‘like Netflix’, exec claims as he credits it with ‘fast’ ransomware recovery

18 July 2025
Gina Hough
Partner Content

Resellers ‘should enter the room like Liam Gallagher’, PR expert claims

18 July 2025
Clare Metcalfe, Phoenix Software NEW
Big Interview

‘We go with different USPs’ – Phoenix Software MD on boosting 4% share with sister company Bytes

17 July 2025
VMware campus
Vendor

Smaller cloud partners ‘left in limbo’ amid Broadcom VCSP partner cull

16 July 2025
Adarma formally goes into administration, sparking 173 job losses
Cybersecurity

Adarma formally goes into administration, sparking 173 job losses

15 July 2025
Alan Paton, Qodea and Matt Iliffe, Beyond
M&A

‘We’re impatient’ – Qodea CEO hints at more M&A following Beyond deal

15 July 2025
Tim Griffin, Exertis
Big Interview

‘They weren’t alone’ – Exertis IT CEO opens up on AURELIUS sale process

15 July 2025
Next Post
Nick Ross, Wiz

‘A whirlwind’ – Wiz ‘well on way’ to 100% channel

Follow Us

IT Channel Oxygen keeps you informed on the UK IT channel and its sustainable transformation. Learn more

  • About
  • Our Team
  • Partner with us
  • Privacy Policy
  • Terms & Conditions
  • News
  • Cookie Policy (UK)

© 2025 IT Channel Oxygen

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}
No Result
View All Result
  • Oxygen 250
  • Must-Know Distributors
  • Member area
  • KOcycle Zone
  • Big Interview
  • News
  • Indepth
  • About
  • Partner with us

© 2025 IT Channel Oxygen