Published: September 22, 2025 at 3:34 pm
The attack over the weekend was another stark reminder of the dangers Europe’s most critical organisations face. While details at this moment in time are scarce, we know from experience the most common ways attackers breach these types of organisations.
Phishing campaigns, which despite being the most basic are also the most effective, have long been the favourite technique used by attackers. However, recent attacks on M&S, Co-op, and JLR are suspected to have been carried out using social engineering; a devastating vector which uses the identities of real or fake employees to trick other staff into compromising their own organisations, lowering defences or sharing critically sensitive information.
The reality is that, in 2025, the world is not on the most steady heading. Active conflict zones in Europe, the Middle East, Asia and Africa are causing global diplomatic tensions.
While many are concerned about physical attacks on the UK and Western Europe, there is a much higher probability of damaging cyber attacks being aimed this way, likely by Russia or other malicious states.
The purpose of these attacks, often carried out by a private company on behalf of a nation state, seek to cause disruption, financial loss and sometimes loss of life.
Looking at the attack on Collins Aerospace, it’s easy to see why they would be a target for this type of attack; although we still don’t have any confirmation on where this attack has come from.
This attack is another wake up call that the risk of our CNI (critical national infrastructure) being targeted by malicious actors is growing and, without fresh approach to managing that risk, breaches will continue to occur.