Week Ending 21 March 2026 – Threats, Tensions and the Things That Will Probably Keep Your IT Team Awake
You’d think by now we’d have collectively agreed not to connect every business function, employee device, and kettle to the internet. Yet here we are. Anyway, here’s what actually mattered in UK cyber security this week, minus the fluff and marketing nonsense.
Undersea Infrastructure Moves to the Top of the Risk Register
The internet’s backbone is suddenly everyone’s problem
The UK has doubled down on protecting critical undersea data cables, working alongside Ireland and NATO partners to guard against sabotage risks.
- These cables carry the vast majority of transatlantic internet traffic
- Disruption could impact cloud services, banking, logistics and communications
- Hybrid threats now combine physical damage + cyber attacks
Expert insight:
“Subsea infrastructure is one of the most strategically vulnerable elements of modern economies.” — UK defence analyst commentary
For UK businesses, this is less abstract than it sounds. If these cables go down, your cloud provider goes with them. Your “fully digital business model” suddenly becomes… theoretical.
UK Organisations Facing Persistent DDoS and Disruption Campaigns
Not everything is about stealing data. Sometimes it’s just chaos
The National Cyber Security Centre (NCSC) has continued to warn of sustained disruption campaigns targeting UK services.
Common patterns this week:
- DDoS attacks knocking public-facing services offline
- Hacktivist groups targeting local councils and public sector systems
- Short, sharp attacks designed for maximum visibility rather than long-term access
These are often politically motivated, not financially driven.
Expert insight:
“We’re seeing more attacks aimed at disruption rather than data theft, reflecting geopolitical tensions spilling into cyberspace.”
Translation: someone somewhere is annoyed, and your website is the easiest punching bag.
AI-Driven Phishing Reaches a New Level of Believability
Your staff are no longer the weakest link. They’re just outmatched
Phishing attacks across the UK have become noticeably more sophisticated thanks to AI.
Key developments:
- Emails now mimic tone, formatting and internal communication styles
- Attackers personalise messages using public data and leaked information
- Fewer spelling errors, more convincing business context
Typical lures seen this week:
- “Updated supplier payment details”
- “Urgent HR policy acknowledgement”
- “Missed delivery / invoice discrepancy”
Expert insight:
“AI has removed the traditional red flags. Detection now relies on behaviour, not just content.”
So yes, the “just check for bad grammar” advice is now about as useful as a chocolate firewall.
Ransomware Activity Remains Relentless
Criminals still prefer money over ideology. Comforting, in a way
Ransomware groups continue targeting UK businesses, particularly:
- Professional services (including accounting firms)
- Manufacturing and logistics
- SMEs with weaker security controls
Trends observed this week:
- Double extortion remains standard (encrypt + leak data)
- Faster attack cycles from initial access to deployment
- Increased use of legitimate tools (living-off-the-land attacks)
Expert insight:
“Attackers are prioritising speed and automation, reducing the window for detection.”
If your backups aren’t tested, this is where things get expensive very quickly.
Cyber Skills Shortage Continues to Bite
There are not enough people to fix this mess
Demand for cyber security professionals in the UK continues to outstrip supply.
- Salaries rising across SOC, incident response and threat intelligence roles
- SMEs struggling to compete with enterprise and government hiring
- Increased reliance on managed security providers (MSSPs)
Government initiatives are ongoing, but the gap remains significant.
Expert insight:
“Cyber resilience is now constrained more by people than by technology.”
So the tools exist. The problem is finding someone who actually knows how to use them properly.
The Numbers Behind the Noise
Because statistics make everything feel more official
- UK dealing with multiple significant cyber incidents weekly
- Over 50% of UK businesses report experiencing a cyber attack annually
- Ransomware remains the top organised cybercrime threat
The trend is clear: more attacks, more automation, more impact.
Practical Advice for UK Businesses This Week
Things you should already be doing, but probably aren’t consistently
1. Lock down email security
- Advanced filtering + user reporting tools
- Simulated phishing exercises (yes, the annoying ones)
2. Enforce MFA everywhere
- Especially email, remote access and admin accounts
3. Patch faster than you’re comfortable with
- Attackers exploit known vulnerabilities within days
4. Monitor, don’t just install tools
- Logging and alerting actually need human attention
5. Test your backups properly
- Not “we assume it works”, but actual recovery testing
6. Have a real incident response plan
- Including who makes decisions under pressure
Official UK guidance lives here (and is surprisingly readable):
https://www.ncsc.gov.uk
Final Thoughts
Cyber security in England right now is a mix of geopolitics, organised crime, and automation at scale. Not exactly a relaxing combination.
The uncomfortable truth is this:
Most attacks aren’t sophisticated breakthroughs. They’re predictable, preventable, and still successful.
Which means the biggest risk isn’t the attacker.
It’s the gap between what organisations know they should do and what they actually bother to implement.
And that gap is doing a lot of heavy lifting for cyber criminals.
We have created Professional High Quality Downloadable PDF’s at great prices specifically for Small and Medium UK Businesses our main website. Which include various helpful Cyber related documents and real world scenarios your business might experience, showing what to do and how to protect your business. Find them here.
