• Cybersecurity spending has now reached c.$184 bn globally²
• Total losses to U.S. cybercrime reached $16.6 bn in 2024, up 33% over a year¹
• 53% of cyber-attacks resulted in damages of $500,000 or more³

Cyberattacks can come from a wide range of actors – criminals seeking financial gain to ‘hacktivists’ pushing political agendas. With both reported losses and cybersecurity investment hitting record highs in recent years, we thought it was a good time to put the current landscape into context.

Common types of cyber attack

• Malware – an umbrella term to describe types of malicious software including spyware, ransomware and viruses. M&Ss’ May cyberattack is an example of this in action, where ransomware was deployed to scramble the company’s IT networks making them unusable unless a ransom was paid. A vast amount of employee and customer personal data was also stolen.
• Phishing – The sending of fraudulent communications that mimic trusted sources to deceive recipients. Late last year, cybercriminals launched a phishing campaign that impersonated themselves as UK taxpayers. They submitted fraudulent tax rebate claims via HMRC and successfully extracted approximately £47 m from public funds⁴.
• Denial of service – when a system, server or network is flooded with traffic to exhaust its ability to continue service. In 2023, Microsoft revealed they managed to absorb and block a 3.47 terabyte per second attack on their Azure servers.
• Digital wallets – Cryptocurrency obtained through illicit activities can be seized by authorities. For example, in 2018, the UK government confiscated 61,000 Bitcoins linked to a Chinese Ponzi scheme and these assets are now valued at approximately £5 billion⁵. Recent reports suggest that Chancellor Rachel Reeves is considering liquidating this holding to support public finances. Conversely, earlier this year, hackers believed to be affiliated with the North Korean regime breached the crypto exchange ByBit, stealing $1.5 billion in digital assets. These funds are reportedly being channelled into the country’s military development programs⁴.

Defence against attack

Multi-layered and up to date security protection forms the first line of defence, but detection systems and the ability to react quickly are also becoming of significant importance. In keeping with the above malware example, Co-Op was also targeted during the same attack, but because they were able to recognise the hack while it was taking place, they pulled their own plug and went fully offline before suffering any ransomware. This short-term, self-imposed disruption proved worthwhile – they avoided the kind of long-term fallout that M&S, unfortunately, experienced. Equally important is ensuring staff receive proper training to recognise and report potential threats before they escalate⁴.

Bowmore portfolios

We added a cybersecurity-focused ETF to our core portfolios in 2022, as cyber risk became a top priority for businesses and governments after Russia’s invasion of Ukraine. Since then, investment into robust cybersecurity has grown by 14% year on year and has now reached approximately $184 bn in global spend².

The fund’s investment approach identifies companies that are at the forefront of cybersecurity technology, providing solutions to protect against a wide range of digital threats. This includes firms engaged in the creation, implementation, and management of security protocols for private and public networks, computers, and mobile devices. The fund has delivered a return of 23.3% in the past year.

 

Source: LSEG DataStream, data as at 24/07/2025

The value of your investments can go down as well as up, so you could get back less than you invested. Past performance is not a guide to future performance.

Sources:

¹ The HIPPA Journal, 2025

²  Gartner, 2025

³ Cisco, 2025

⁴ BBC, 2025

⁵ Cryptoslate, 2025