Cyber threats are constantly evolving. Here are four of 2025's most prevalent dangers SMEs need to be aware of, according to our experts and partners.
In the digital world, cyber security is no longer a concern exclusive to large enterprises. Small and medium-sized businesses (SMEs) face an ever-growing list of threats that can disrupt operations, compromise sensitive data and damage a hard-earned reputation.
As attack methods evolve, SMEs can no longer afford to take a reactive approach. Instead, proactive protection and expert guidance are essential.
At Thinc, we understand the challenges of the many cyber security threats to SMEs. Through our partnerships with leading providers like SonicWall and CrowdStrike, we help our customers stay ahead of the curve with robust cyber security strategies that are built to protect, detect and respond to modern threats.
In this blog, we’ll give you a snapshot of the cyber security landscape for SMEs for the remainder of the year, before exploring the four most prevalent cyber security threats to SMEs in the UK, with a bit of advice on how to start preparing for them today.
In the UK, the government paints a picture of the cyber landscape every year with its Cyber Security Breaches Survey. This year’s survey showed just how damaging a security breach can be. For SMEs, the average cost of a breach was £3,550 to a business and £8,690 to a charity.
However, one of the things that interested us the most in this year’s survey was the indication that SMEs are increasingly taking their cyber security seriously. The percentage of SMEs with protection plans in place shows an improvement, with a figure of 48% cited for those that have cyber hygiene practices in place, including an increased uptake of cyber security risk assessments.
There are positive trends across organisations of all sizes: cyber insurance is now in place at 62% of UK SMEs, up from 49% in 2024; a formal policy covering cyber security risks is at 59%, up from 51% in 2024; and SME business continuity plans that address cyber security sit at 53%, up from 44% just a year ago.
While these figures show an increased focus on mitigating cyber risk through enhanced planning and security, the ever-evolving nature of cyber threats means that SMEs need constant vigilance to be safe.
We canvassed our cyber experts and our cyber security partners to pick out some of the emerging dangers to be aware of in 2025. Here’s what you need to look out for, how they work, and what could happen if the threat is successful.
Have you ever received an email from a contact, at your business or from somewhere familiar, that somehow didn’t seem quite right? If so, you may have been targeted by email spoofing.
Email spoofing is the creation of emails forged to look as though they come from a trusted, original source. This can include fabricating the email header, imitating the style and tonality in which the source writes, and using an SMTP server that makes the email appear as if it has come from the source that’s being imitated.
The email could then encourage recipients to click the links provided, to ‘enter a competition’ or ‘download the latest release of software’ – except that the link or the downloaded software could install malware on the recipient’s device.
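A defender-side check for the forged-header pattern described above, as an added example that is not part of the original article. The two sample messages, their placeholder domains and the helper names are constructed for illustration, and domains are compared exactly rather than by organisational domain.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real traffic); all domains are placeholders.
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=supplier.example
From: "Accounts, Supplier Ltd" <accounts@supplier.example>
Reply-To: accounts@supplier-payments.example
Subject: Download the latest release

Click the link to download.
"""
GENUINE = """\
Return-Path: <accounts@supplier.example>
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=supplier.example; dkim=pass header.d=supplier.example; dmarc=pass header.from=supplier.example
From: "Accounts, Supplier Ltd" <accounts@supplier.example>
Subject: Invoice

See attached.
"""

def domain(header_value):
    """Lower-cased domain of the address in a header value, or '' if none."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoofing_indicators(raw):
    """Return the reasons the visible From address may be forged (hypothetical helper)."""
    msg = message_from_string(raw)
    from_dom = domain(msg["From"])
    reasons = []
    # The From header is free text chosen by the sender; compare it with the
    # envelope sender and Reply-To. A mismatch is an indicator, not a verdict:
    # legitimate bulk-mail services also use their own envelope domain.
    for header in ("Return-Path", "Reply-To"):
        other = domain(msg[header])
        if other and other != from_dom:
            reasons.append(f"{header} domain {other} differs from From domain {from_dom}")
    # Authentication-Results (RFC 8601) is only trustworthy when stamped by
    # your own receiving mail server; msg.get() returns the topmost copy.
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                              msg.get("Authentication-Results", "")))
    if results.get("dmarc", "none") != "pass":
        reasons.append(f"DMARC result is {results.get('dmarc', 'none')}")
    return reasons

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(name, spoofing_indicators(raw))
```

The spoofed sample passes SPF for the attacker-controlled envelope domain yet fails DMARC, which is why the check compares against the From domain rather than relying on SPF alone.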
Another cyber risk to be mindful of is the increased speed with which hackers can operate. Once a weakness is detected, the clock begins ticking more quickly than it ever has.
According to SonicWall, the average time required for hackers to exploit code is now within 48 hours. When hackers discover a security vulnerability, they publish it as a proof-of-concept (POC) for attackers, showcasing how it could be used – attackers jump on it, often within just 48 hours.
Imagine that a vulnerability is spotted in, say, Microsoft Exchange or an Internet of Things (IoT) device. Hackers then move fast to build tools or ransomware software that exploit the vulnerability. If that attack is successful, hackers have a foot in the door, and can then gain unauthorised access, steal sensitive data or disrupt operations.
Why is this important to UK SMEs? Well, businesses don’t have the luxury of time anymore. A business can’t simply wait weeks for a patch to address the issue – they must be as fast as the hackers, otherwise they risk reputational damage, loss of revenue, legal consequences and expensive recovery costs.
In its latest Global Threat Report, CrowdStrike has identified massive spikes in social engineering techniques, such as vishing and help-desk spoofing. These techniques target the human, rather than the software, playing on human emotions to manipulate a victim into carrying out an action, such as downloading malicious software or providing confidential information.
Vishing, which stands for ‘voice phishing’, is where a hacker or scammer uses a phone call to manipulate someone into revealing confidential information, like passwords, bank details or security access codes.
If a vishing attack is successful, and the desired information is obtained, hackers can have direct access to systems without cracking any codes or exploiting software vulnerabilities. This can lead to credential theft, unauthorised network access, financial fraud, data breaches or even wider social engineering. With a bit of insider info, more convincing phishing or vishing attacks can then be deployed.
Help-desk spoofing is also on the rise, proving to be another threat for SMEs to heed. It’s when an attacker pretends to be a company’s IT help desk – posing as someone trustworthy – using urgency, fear or authority to manipulate the victim into providing sensitive information. They’ll ask for passwords, remote desktop access or confirmation of login details, often targeting admins or users with privileged access. If successful, hackers and scammers can benefit from the same outcomes as a vishing attack.
Have you noticed an increase in spam lately? Are fake emails becoming more realistic and more feasible? It’s likely that Artificial Intelligence (AI) is playing its part.
While AI is being developed within software to improve usability and general output, it’s also accelerating the speed at which cyber-attacks can be deployed. AI tools are being used to make cyber-attacks faster, smarter and harder to detect at every stage of an attack, which is a growing concern for UK SMEs. Here’s how AI is influencing each stage of a cyber-attack:
SMEs need to make sure that they’re applying several strategic tips across their operations to help combat the speed at which AI is supporting the launch of cyber-attacks. Across the board, a well-thought-out strategy can help to mitigate the risk.
With cyber threats evolving at speed, it’s never been more important for UK SMEs to take a proactive approach to security. In their latest reports for 2025, both CrowdStrike and SonicWall emphasise the need for layered protection – combining next-gen endpoint detection, secured infrastructure and hosting, and emergency response. Businesses should also take steps to reduce human risk by training staff to spot phishing and vishing attacks, which are now being generated and deployed faster with the help of AI.
At Thinc, we help businesses build smart, scalable defences with solutions from both CrowdStrike and SonicWall, alongside our own managed services expertise and consultancy. We also support UK SMEs with achieving Cyber Essentials or Cyber Essentials Plus, which we recommend as a simple yet powerful first step in combatting ever-growing cyber threats. These frameworks lay the foundations for good cyber hygiene. Whether you’re looking to meet compliance requirements or stay one step ahead of modern threats, Thinc are here to support you every step of the way.