UK IT Channel News | IT Channel Oxygen
  • News
  • Topics
    • Vendor
    • Distributor
    • Partner
    • Indepth
    • Sustainability
    • M&A
    • People Moves
    • AI
    • Tech trends
  • Sustainability
  • About Us
  • Partner with us
Members
Must-Know Distributors
Oxygen 250
No Result
View All Result
  • News
  • Topics
    • Vendor
    • Distributor
    • Partner
    • Indepth
    • Sustainability
    • M&A
    • People Moves
    • AI
    • Tech trends
  • Sustainability
  • About Us
  • Partner with us
No Result
View All Result
UK IT Channel News | IT Channel Oxygen
No Result
View All Result
Home Cybersecurity

14 most significant cyber-attacks of 2025 so far – with a twist…

The twist being that our rundown is based entirely on the views of 12 partner leaders

Oxygen staff by Oxygen staff
30 June 2025
in Cybersecurity, Indepth, News, Partner
14 most significant cyber-attacks of 2025 so far – with a twist…
Share on LinkedinShare on Twitter

4. Scattered Spider retail attacks

When: April-May

What happened?

Everyone’s favourite arachnid-themed hacking group dominates this rundown.

As well as being behind three major retail attacks featured, the cybercriminal community itself was also nominated by four panellists who felt unable to specify an individual incident.

Who nominated it, and why?

Juliette Hudson, Cybaverse
Juliette Hudson, Cybaverse

Cybaverse CTO Juliette Hudson, CyXcel Co-founder and COO Jano Bermudes, Bridewell Cyber Threat Intelligence Principal Lead Gavin Knapp and Quorum Cyber CEO/Chief Threat Officer pairing Federico Charosky and Paul Caiazzo all put Scattered Spider on their hitlists.

Invited to justify her choice, Hudson claimed that the group’s native English-speaking background makes them unique.

“Scattered Spider’s advanced social engineering, leveraging native English-speaking hackers to exploit IT help desks via phishing and MFA fatigue, showcased their audacity,” she said.

“Their decentralised structure, using platforms like Discord, makes them hard to stop, even after arrests like Tyler Buchanan’s in 2024. Targeting iconic UK retailers and boasting to the BBC amplified their notoriety.”

“These attacks displayed the consequences a cyber-attack can have on real people in the real world, and also the resilience and preparedness organisations across sectors and regions need to build and maintain to withstand a focused adversary,” Quorum Cyber’s Federico Charosky and Paul Caiazzo stated.

“And Scattered Spider is still around – they’ve just shifted their victimology from retail and hospitality to insurance. Be prepared.”

Channel takeaway:

Bridewell’s Knapp said he took several learnings away from this spate of attacks.

“The social engineering approaches used by the group to target/impersonate helpdesk and obtain privileged user accounts were very effective,” he said.

“The reports also suggest that compromised third-party accounts may have also been used in the attack, outlining the importance of robust identity-based processes and controls are in place including phishing resistant MFA, and well rehearsed and security tested processes for resetting passwords or MFA.”

Despite the eye-watering losses it sustained via this attack, M&S “stands out for the transparency with which they handled the incident”, Quorum Cyber’s Federico Charosky and Paul Caiazzo said, meanwhile.

“By sharing their experience, other organisations can be better prepared to withstand similar attacks,” they said.

Three cyber-attacks were considered more significant by our leadership panel. See next page for more…

Page 12 of 15
Prev1...111213...15Next
Tags: BridewellChorus ITComputacenterCybaVerseCyberfortCyXcelNGSPerformantaQuorum CyberRed HelixSapphireSeconTop
Previous Post

A new ‘global standard’ for ISVs seeking Microsoft Marketplace success?

Next Post

‘A whirlwind’ – Wiz ‘well on way’ to 100% channel

Related Posts

Safra Catz, Oracle
Deal Wins

WHO IS IT? Oracle strikes mystery $30bn-a-year cloud deal

1 July 2025
Nick Ross, Wiz
Cybersecurity

‘A whirlwind’ – Wiz ‘well on way’ to 100% channel

1 July 2025
Dave Stevinson, QBS Software, with EMT team
M&A

QBS Software CEO reveals off-market ploy following 15th acquisition

27 June 2025
World’s largest audio-visual integrator, AVI-SPL, swaps owners
M&A

World’s largest audio-visual integrator, AVI-SPL, swaps owners

26 June 2025
Patrick Zammit and Rich Hume, TD Synnex
Distributor

‘We’re in the middle of it’, TD Synnex CEO says of PC refresh amid Q2 bonanza

24 June 2025
Simon Ewington at HPE Discover
Vendor

‘Antonio said we need to deliver on Step 2′ – HPE unveils unified partner programme

23 June 2025
Business

Founder-led channel trio named in high-growth list

23 June 2025
Is the channel jobs market finally ‘waking up’? Recruiters disagree
Careers & Skills

Is the channel jobs market finally ‘waking up’? Recruiters disagree

23 June 2025
Next Post
Nick Ross, Wiz

‘A whirlwind’ – Wiz ‘well on way’ to 100% channel

Follow Us

IT Channel Oxygen keeps you informed on the UK IT channel and its sustainable transformation. Learn more

  • About
  • Our Team
  • Partner with us
  • Privacy Policy
  • Terms & Conditions
  • News
  • Cookie Policy (UK)

© 2025 IT Channel Oxygen

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}
No Result
View All Result
  • Oxygen 250
  • Must-Know Distributors
  • Member area
  • KOcycle Zone
  • Big Interview
  • News
  • Indepth
  • About
  • Partner with us

© 2025 IT Channel Oxygen