UK IT Channel News | IT Channel Oxygen
  • News
  • Topics
    • Vendor
    • Distributor
    • Partner
    • Indepth
    • Sustainability
    • M&A
    • People Moves
    • AI
    • Tech trends
  • About Us
  • Partner with us
Members
Must-Know Distributors
Oxygen 250
No Result
View All Result
  • News
  • Topics
    • Vendor
    • Distributor
    • Partner
    • Indepth
    • Sustainability
    • M&A
    • People Moves
    • AI
    • Tech trends
  • About Us
  • Partner with us
No Result
View All Result
UK IT Channel News | IT Channel Oxygen
No Result
View All Result
Home Cybersecurity

14 most significant cyber-attacks of 2025 so far – with a twist…

The twist being that our rundown is based entirely on the views of 12 partner leaders

Oxygen staff by Oxygen staff
30 June 2025
in Cybersecurity, Indepth, News, Partner
14 most significant cyber-attacks of 2025 so far – with a twist…
Share on LinkedinShare on Twitter

4. Scattered Spider retail attacks

When: April-May

What happened?

Everyone’s favourite arachnid-themed hacking group dominates this rundown.

As well as being behind three major retail attacks featured, the cybercriminal community itself was also nominated by four panellists who felt unable to specify an individual incident.

Who nominated it, and why?

Juliette Hudson, Cybaverse
Juliette Hudson, Cybaverse

Cybaverse CTO Juliette Hudson, CyXcel Co-founder and COO Jano Bermudes, Bridewell Cyber Threat Intelligence Principal Lead Gavin Knapp and Quorum Cyber CEO/Chief Threat Officer pairing Federico Charosky and Paul Caiazzo all put Scattered Spider on their hitlists.

Invited to justify her choice, Hudson claimed that the group’s native English-speaking background makes them unique.

“Scattered Spider’s advanced social engineering, leveraging native English-speaking hackers to exploit IT help desks via phishing and MFA fatigue, showcased their audacity,” she said.

“Their decentralised structure, using platforms like Discord, makes them hard to stop, even after arrests like Tyler Buchanan’s in 2024. Targeting iconic UK retailers and boasting to the BBC amplified their notoriety.”

“These attacks displayed the consequences a cyber-attack can have on real people in the real world, and also the resilience and preparedness organisations across sectors and regions need to build and maintain to withstand a focused adversary,” Quorum Cyber’s Federico Charosky and Paul Caiazzo stated.

“And Scattered Spider is still around – they’ve just shifted their victimology from retail and hospitality to insurance. Be prepared.”

Channel takeaway:

Bridewell’s Knapp said he took several learnings away from this spate of attacks.

“The social engineering approaches used by the group to target/impersonate helpdesk and obtain privileged user accounts were very effective,” he said.

“The reports also suggest that compromised third-party accounts may have also been used in the attack, outlining the importance of robust identity-based processes and controls are in place including phishing resistant MFA, and well rehearsed and security tested processes for resetting passwords or MFA.”

Despite the eye-watering losses it sustained via this attack, M&S “stands out for the transparency with which they handled the incident”, Quorum Cyber’s Federico Charosky and Paul Caiazzo said, meanwhile.

“By sharing their experience, other organisations can be better prepared to withstand similar attacks,” they said.

Three cyber-attacks were considered more significant by our leadership panel. See next page for more…

Page 12 of 15
Prev1...111213...15Next
Tags: BridewellChorus ITComputacenterCybaVerseCyberfortCyXcelfeaturedmemberNGSPerformantaQuorum CyberRed HelixSapphireSeconTrending
Previous Post

A new ‘global standard’ for ISVs seeking Microsoft Marketplace success?

Next Post

‘A whirlwind’ – Wiz ‘well on way’ to 100% channel

Related Posts

Carl Henriksen, OryxAlign
M&A

Palatine reveals ‘defining factor’ as it invests in £20m-revenue MSP OryxAlign

6 July 2026
Ian Hudson, Hudson Hill Consulting
Big Interview

‘Having come close to death, I’m more carefree’ – meet the MSP MD gunning for £100m

6 July 2026
Microsoft to ‘work closely with partners’ as it joins FDE stampede
AI

Microsoft to ‘work closely with partners’ as it joins FDE stampede

3 July 2026
6 backup vendors bag Gartner bragging rights. Who are they?
Tech trends

6 backup vendors bag Gartner bragging rights. Who are they?

2 July 2026
Robert Vassoyan, SCC
AI

SCC to unlock ‘profound business value’ from AI via £100m investment

1 July 2026
6 things to know as Claranet buys Six Degrees
M&A

6 things to know as Claranet buys Six Degrees

30 June 2026
Jeremy Keefe, Kubus
Big Interview

Kubus CEO on £100m goal, M&A plans and ‘fair and open’ HPE

29 June 2026
Patrick Zammit, TD Synnex
Distributor

TD Synnex’s EMEA gains are ‘structural’, CEO says amid $100bn first

25 June 2026
Next Post
Nick Ross, Wiz

‘A whirlwind’ – Wiz ‘well on way’ to 100% channel

IT Channel Oxygen keeps you informed on the UK IT channel and its sustainable transformation. Learn more

  • About
  • Our Team
  • Partner with us
  • Privacy Policy
  • Terms & Conditions
  • News
  • Cookie Policy (UK)

© 2026 IT Channel Oxygen

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Oxygen 250
  • Must-Know Distributors
  • Member area
  • Big Interview
  • News
  • Indepth
  • About
  • Partner with us

© 2026 IT Channel Oxygen