Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond.
NHS Scotland Confirms Cyberattack Disruption
On 20 March 2025, NHS Scotland reported a major cyber incident that caused network outages across multiple health boards. The cyberattack disrupted clinical systems and led to delayed patient care, with staff reverting to paper-based processes. The incident has been linked to a suspected ransomware group, although official attribution is still pending. Investigations are ongoing with support from the National Cyber Security Centre (NCSC). Further coverage from The Register confirmed that some systems were taken offline to prevent further spread, while emergency care remained operational. The affected regions included NHS Dumfries and Galloway, which issued a statement urging patients to only attend if absolutely necessary. (Read more on The Register)
NCSC Weekly Threat Report 22 March 2025
The NCSC’s latest threat report highlights ongoing exploitation of known vulnerabilities in Progress Telerik UI by state-aligned threat actors. The report urges UK organisations to patch vulnerable systems immediately, as attackers continue to target unpatched web servers. Additionally, the NCSC notes an increase in malicious QR code campaigns”, so-called “quishing””, where attackers embed phishing URLs into QR codes used in emails, posters, or even receipts. Organisations are advised to educate staff and implement QR code scanning policies.
Cyber Threats on the Rise as UK Eyes General Election
As the UK gears up for a general election later this year, the NCSC has raised concerns over potential interference campaigns and disinformation efforts by hostile states. Security services are reportedly on high alert, coordinating with political parties to bolster cyber resilience. While no major incidents have been reported yet, the threat landscape is being closely monitored.
Quick Bytes
New phishing campaign mimics HMRC emails demanding urgent tax repayment. Be vigilant and double-check all official correspondence. UK universities warned of increased targeting by espionage-motivated groups, particularly in the fields of AI and quantum computing. ICO fines a London-based telemarketing firm £130,000 for unlawful data use and non-compliance with GDPR. That’s all for this week! Stay tuned for more updates, and follow best practices to keep your systems secure. âž¡ï¸ Previous Post: UK Cybersecurity Weekly News Roundup – 17 March 2025
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/03/uk-cybersecurity-weekly-news-roundup-23-march-2025/
