Cyber-attacks against small and medium firms have surged in recent years, with research by Vodafone Business revealing that over one-third (36%) were victims of one in 2024 alone.
More than a third (32%) of small North West firms suffered between one and five attempted attacks, while (5%) were targeted more than ten times in a year.
This means that on average, small businesses in the region lose £8,281 each year due to cyber-attacks.
The study found many firms remain ill-prepared to combat these threats, as limited budgets, lack of expertise, and competing business needs can lead to data breaches, system downtime, and reputational damage.
However, cyber hacks on small businesses aren’t just a problem within the North West of England but also across the UK in general.
Overall, small businesses across the UK are losing £3.4billion each year as a direct threat of cyber hackers.
Generally, more than a quarter (28%) of UK firms were exposed to between one and five attempted attacks in the last year while some (6%) were targeted by as much 10 times.
Other keys points from the research showed:
More than half (52%) of UK SME employees having received no cybersecurity training, while almost a third (32%) of SMEs had no cybersecurity protections in place at all.
- More than a third of SMEs (38%) invest less than £100 a year in cybersecurity, with more than two-thirds (64%) having staff working from home or other off-site locations regularly.
- Shockingly, 60% of SMEs allow employees to use their own IT equipment when working from home, with a fifth (19%) of remote workers being targeted by cyber criminals.
- To try and stem the problem, more than one in 8 (15%) SME employees have been banned from working from home due to the risk of falling victim to a cyber-attack.
With attacks continuing to rise, the most common cyber-attacks to look out for are:
- Phishing: Using email, SMS, phone and social media to entice a victim to share sensitive information — such as passwords or account numbers — or to download a malicious file that will install viruses on their computer or phone. 70% of firms have experienced this in the past year.
- Ransomware: A virus sent in that causes corruption of files or blocks access until payment is made to attacker. (23%)
- Distributed Denial of Service (DDOS): Attack that overloads and takes down systems critical to business function. (20%).
- Water-holing: Attacker creates a fake website or impersonates a business to deceive visitors
Vodafone Business, a leading advocate for SME digital transformation, has reinforced the importance of proactive cybersecurity investments
Nick Gliddon, Vodafone Business CEO said: “In today’s digital first economy, cybersecurity must be at the heart of every SME’s business strategy,” said Nick Gliddon, CEO, Vodafone Business UK. “At Vodafone, we are committed to supporting small businesses with affordable, scalable, and cutting-edge cybersecurity solutions.
“By investing wisely in the right cybersecurity solutions for their business, SMEs can protect themselves from both existing and emerging cyber threats, enabling them to unlock new growth opportunities and safeguard their future in an increasingly connected world.”
The advice comes as Vodafone Business is offering a complimentary one-month trial of CybSafe, the leading human risk management platform that utilises AI, data, psychology, and behavioural science to assess and enhance cybersecurity behaviour, awareness, and culture within organisations.
To claim a free CybSafe trial for your business visit: www.vodafone.co.uk/business/cybsafe