UK businesses 'ignore free advice' to stop cyber attacks, GCHQ warns as M&S still reels from major hack

21 May 2025, 14:15 | Updated: 21 May 2025, 23:36

British businesses are not following “freely available” advice to thwart hackers, GCHQ's cyber security chief has said.

Richard Horne, the chief executive of the National Cyber Security Centre (NCSS), has expressed his frustration amid a string of attacks on corporations from retailers like Marks and Co-op to Harrods.

He said these incident “must give us pause … not because they are unique, but because they are not."

Mr Horne stressed that while guidance is freely available on the NCSS website, it is not being following "nearly enough across the UK".

"There is a widening gap between the increasing cyber risks we face and our ability to defend ourselves against them. Every organisation must operate in a way that minimises the risks of an incident and know in advance how they would respond — and continue to operate — were an attack to get through.

Read more: Slow recovery ‘appropriate’ to ensure M&S is secure after cyber attack – experts

Read more: The £300m cyber attack: M&S warns of huge hit to profits after hack halted orders on website and caused empty shelves

"This is effective risk management, and any business leader who thinks they may be exempt from cyber risks should think again — and implement our advice immediately," he wrote in a letter to The Times.

Marks and Spencer said today disruption from the major cyber attack it suffered around the Easter weekend is expected to continue through to July and reduce operating profits by around £300 million before action to offset the hit.

The high street giant halted orders on its website and saw empty shelves after the attack.

Its shares plunged almost 2% on Friday morning, and are now down about 5% from the instance when the firm first disclosed its IT systems had been affected.

Writing for LBC Opinion, Graeme Stewart, Head of Public Sector at Check Point Software Technologies, warned that cyber attacks happen so often "that they barely cause a ripple in the news cycle".

He referred to this phenomenon as "breach fatigue".

"The rise in attacks is not surprising. Many public and private sector systems are built on ageing infrastructure. Meanwhile, criminals are constantly refining their tools," he wrote.

"They do not need to break down the door. Often, we are unknowingly holding it open."

but he stressed that while attacks are on the rise, that "we are not powerless".

"If you believe your data has been compromised, the first step is not to panic. Start by changing your passwords on key accounts like banking, email and social media," Mr Stewart said.

He advised: "Turn on two-factor authentication to make it harder for attackers to gain access.Stay alert to any suspicious emails, texts or calls.

"Cybercriminals often follow up on data breaches by pretending to be someone you trust. If in doubt, do not engage. Contact the organisation directly using an official channel.

"You can also check whether your information has appeared in known breaches using free tools like HaveIBeenPwned.com. And always report fraud attempts to your bank or Action Fraud."