Cyber Attacks are common and costly
Cyber attacks are now front page news. Jaguar Land Rover’s recent cyber attack costliest cyber incident in UK history, costing the national economy an estimated £2.1billion. in 2025, more than 43% of all UK businesses will experience a successful cyber breach. Cyber breaches have an average cost of £195,000 to companies, and reported incidents to Action Fraud in 2025 exceeded 39,500.
The question is no longer if your business will face disruption — but when.
At Romero Insurance, we have listed the most common forms of cyber attack. This is taken from our own experience as well as government-backed statistics from the cyber security breaches survey of 2025. We have also provided case examples and how these attacks can impact your business. Readers should assess the three ways to defend a cyber attack which we’ve included, as well as a link to our cyber insurance information. All is included in our cyber security whitepaper.
What are the most common cyber attacks?
Phishing Attacks
Phishing attacks utilise social engineering in order to gain access to systems or extract data and money. The criminal sends an email or click request that fools the subject into downloading malware or giving sensitive information. Criminals will often pretend to be from the same organisation as their target, or the company CEO.
M&S cyber attack occurred through social engineering where the hackers pretended to be employees in order to trick their third-party IT support into resetting passwords. Once inside, the hackers then deployed a ransomware software.
Phishing attempts are the most common of all methods and find success simply because they are quick and easy to implement, of the sheer amount of phishing attempts can be overwhelming. The best way to defend against this cyber attack technique is through effective staff training.
Man in the Middle Attack
A man in the middle attack is where a cybercriminal spies on data sent between networks. They often have infiltrated an email or communications platform and then will intercept communications between employees or between clients.
Hackers may be able to alter messages and access private information. They can then manipulate clients or employees. The target will not realise their network has been comprise until it’s too late. The only defence against this method is by encrypting access points and utilising a VPN, which should be standard procedure for all organisations.
Ransomware attacks
The hacker holds the organisation’s systems hostage until they are paid off. They will design a code that avoids antivirus software and infects multiple computers. Once paid the attacker will either offer instruction to free the network, or destroy the network entirely.
MGM and Caesars casinos fell victim to a ransomware attack. They lost access to their entire IT infrastructure and slot machines. Caesars paid a $15million ransom, whereas MGM manually restored its systems, suffering a loss of $100million in revenue.
When infected, there is little that can be done to remove the hackers. Ransomware attacks can be prevented with up-to-date antivirus software and effective firewalls.
Dummy websites
Fake URL addresses that are closely related to popular websites can trip up web-surfers. Criminals can duplicate your website, copying the base elements and direct employees or clients to their dummy site. Once on the site, victims may input sensitive information, allowing hackers to capture login details among other data.
Make sure your DNS are up to date. Have your site necessitate multi-factor authentication. Train colleague to understand the risks and signs of a spoof website.
Brute force attacks
Another common method from hackers to gain access to an organisation’s systems is to guess the login credentials multiple times. Attackers use bots to be able to input thousands of possible codes in minutes. Only one needs to work for access to be granted.
Three ways to defend against a cyber attack
There are three main areas businesses should focus on in order to best defend themselves from the most common cyber attacks:
Incident response planning
A cyber incident response plan will lay out the necessary steps to take to limit the damage when an attack happens. Communication protocols are essential, informing colleagues only need-to-know information, informing IT provider of a breach and the authorities. Appoint roles and responsibilities for individuals is a key part of the incident response plan. Insurers and reporters need to be told of a possible breach.
A cyber incident response plan should have key decision points , providing a structure for how to respond to a major cyber attack. Recovery processes should also be noted, helping to restore systems when necessary. Plans should be written down and printed out incase digital access is lost. Response plans should be tested practically and regularly reviewed. Offsite backups should always be available and be updated on a schedule.
Learn more about a cyber incident response plan.
Proactive cyber defences
To stay secure, multiple cyber defences need to be implemented as well as frequently updated. Firewalls and endpoint security is an example of a layered strategy, hampering the success of illegitimate requests. VPN are essential for businesses, encrypting messages and internal networks. Mobile data management should be mandated, reducing the threats of insider attacks and mobile hackers. Antivirus programmes should be implemented and updated, offering wiping capabilities to prevents the risk of ransomware.
Physical security is important, stopping unknown individuals from trespassing and looking out for shifty individual. Cyber training is necessary and should be company–wide, informing on proper procedure and non-negotiables, helping to protect against phishing attacks
Comprehensive cyber insurance
Another important defence is effective cyber insurance, which will protect your finances. Businesses can never eliminate the risk of a breach, so insurance provides the peace of mind that your business is financially covered and will likely not fold if a breach occurs.
Don’t put your business at risk. Your business deserves a dedicated broker who understands the risks and has experience dealing with high-value claims. Cyber Attack Insurance will protect you for losses caused by business disruption brought about by network failures, privacy breaches or data loss. Cyber Crime Insurance relates to monetary loss due to malicious action from a hacker. This includes social engineering, where an employee is deceived or scammed into giving financial details or making payment to a fraudulent source.
With your permission, we will be able to perform a confidential review of your business and insurance terms, helping us understand if there are any gaps in your cover. We can go to insurers and determine our best offer which might be better than your current provider. Contact us to learn more about your cover and arrange a confidential review.