Ransomware, Risks and Remote Access: Summer Cyber Concerns

Let's cut through the noise: cyber attacks are no longer something that "happens to someone else". Whether you're running a law firm in Altrincham, a manufacturer in Warrington, or a property agent in Hale - if your business uses email, stores client data, or relies on internet-connected systems (so basically every business), you're a target.

The good news? You don't need to be the tech expert to protect your business from the biggest threats. But you do need to understand what's going on; and that's what this blog is here to help with.

We've pulled together a plain-English roundup of the biggest cyber threats doing the rounds in summer 2025 - specifically for business owners, operations and finance managers, and IT specialists across Greater Manchester. No jargon, no fearmongering. Just the facts, the risks, and how to stay ahead of them.

Why This Matters Now

Here's what the latest stats are telling us:

• More than 1 in 3 small businesses in the North West reported a cyber attack last year
• Phishing emails are behind over 70% of these breaches
• The average cost of a successful cyber attack on a UK SME is now over £8,000 - and that doesn't include lost productivity, data recovery, or reputational damage

And yet... many businesses still think:

"We're too small to be a target"
"We've never had an issue, so we must be fine"
"We've got antivirus, so we're covered"

We get it. But that mindset? It's exactly what cyber criminals are counting on.

5 Cyber Threats You Need to Know About This Summer

1. Phishing Emails - Now Powered by AI

Phishing isn't new. But the way criminals are doing it in 2025 definitely is.

They're using AI to write ultra-convincing emails that look and sound legitimate - like they've come from your account team, your bank, even your suppliers. And they're playing the long game - researching your company on LinkedIn, crafting emails that feel personal, and making their scams harder to spot than ever.

What to look out for:

• Unusual bank detail change requests or charges
• Emails that sound slightly off but aren't obviously fake (e.g. use of American-English rather than British-English)
• Attachments or links you weren't expecting

What to do:

• Train your team regularly - just 10 minutes a month can help
• Always verify unexpected requests verbally, especially anything involving payments or sensitive info
• Use phishing simulations (we can help with these) to spot weak links before criminals do

2. Ransomware - Not Just a Big Business Problem

Ransomware is a type of malicious software that lock your files, then demands payment to unlock them. And while you might think this is something that only happens to banks or multinationals - it's actually small- and medium-sized businesses that are now prime targets. One wrong click on a dodgy link, and your company's files could be encrypted and held for ransom. The worst part? If you don't have proper backups, your options are limited: pay up (with no guarantee you'll get your files back), or lose them entirely.

What to do:

• Make sure your backups are regular, secure, and off-site
• Don't just back up your files - test your recovery process
• Have a basic disaster recovery plan (we can help with this too)

3.Microsoft 365 Hijacks - Through the Front Door

If you use Microsoft 365 - and chances are, you do - your email accounts are a prime target for hackers. Why? Because breaking into your email often gives them access to invoices, client data, and even the ability to impersonate you. This kind of attack isn't flashy. It's quiet. They log in, snoop around, and start redirecting payments or gathering intel. The usual cause? Weak or reused passwords - and no Multi-Factor Authentication (MFA).

What to do:

• Turn on MFA across all Microsoft 365 accounts - it's free, quick to set up, and blocks over 99% of automated attacks
• Stop using shared inbox passwords
• Review who has admin access to your Microsoft tenant

4. Outdated Tech - Still in Use, Still a Risk

Here's a timely one: Windows 10 will no longer be supported from 14th October. That means no more support, no more patches, and a big open door for hackers if you keep using it beyond that date. Old firewalls, unsupported software, and ageing laptops are also high on the hacker hit list. They're looking for easy targets - and out-of-date systems are just that.

What to do:

• Start reviewing your IT estate now - especially your PCs, firewalls, and business-critical software
• Budget for replacements or upgrades ahead of the October 2025 Windows 10 end-of-life deadline
• Ask your IT provider to do a "tech refresh" audit (we offer these free to Greater Manchester businesses)

5. Human Error - The Silent Threat

Let's be honest, most cyber incidents don't start with a hacker. They start with a click. Or a rushed decision. Or someone working late, tired, and thinking, "This email looks fine". Human error remains one of the biggest causes of data breaches in UK businesses, and it's often the most overlooked.

What to do:

• Make cyber security awareness a habit, not a once-a-year tick-box exercise
• Use simple, engaging training methods (not boring eLearning)
• Foster a culture where people feel confident to ask "Is this legit?" before clicking

What Can You Do This Week?

Here are 5 quick wins you can tick off by Friday:

1. Turn on MFA for Microsoft 365
2. Run a phishing simulation for your team
3. Ask your IT provider to review your backup and recovery status
4. Do a quick audit of devices still running Windows 10
5. Schedule a cyber health check (we offer these free - just ask!)

At Apex Computing, we believe cyber security doesn't need to be scary or complicated. Most attacks rely on businesses being unprepared - not unprotected. If you've ever been meaning to sort out your cyber setup but haven't had the time or don't know where to start, we can help. No jargon, just practical support from people who understand the risks - and how to fix them.