Summer 2025 Sees Surge in Cyber Attacks: The Heat Isn’t Just Outside

The summer of 2025 proved to be a relentless season for cybersecurity, with ransomware attacks targeting hospitals, significant data breaches affecting retail giants, and phishing schemes impacting insurance firms. Nation-state actors also launched disruptive campaigns, employing stealthy PowerShell loaders and zero-day SharePoint exploits that kept security defenders on high alert. A report detailed the most impactful incidents of the season, emphasising the urgent need for security teams to bolster their defences in anticipation of future threats.

In the healthcare sector, ransomware groups exploited the critical nature of patient care, with Interlock emerging as a significant threat. A joint advisory from CISA, FBI, and HHS on July 22, 2025, identified Interlock as responsible for approximately 14 incidents, a third of which targeted healthcare providers. The group utilised a PowerShell launcher called “FileFix” to conceal malicious scripts, tricking users into executing payloads while evading standard security measures. Additionally, the Rhysida ransomware group leaked sensitive data from the Florida Hand Center, while Qilin became the most active ransomware group, exploiting unpatched Fortinet vulnerabilities to compromise healthcare systems and employ aggressive extortion tactics.