Febuary 2026 Newsletter
Posted By: Mark Friday 27th March 2026 Tags: AI, Artificial Intelligence, cyber attacks, cyber crime, Cyber Security, Data Breach, Data Leak, Data Protection, DDoS, Newsletter, Online Safety, ransomware, Social Media, technologyThis month: Ransomware payments falling/attacks rising, record DDoS attacks, Gucci’s ‘AI slop’ controversy, Moltbook social platform for AI, plus the latest LaneSystems news.
Ransomware Payments Falling, But Attacks Still Rising
Less Money Paid – More Victims Hit
Ransomware payments fell for the second year running in 2025, according to the Chainalysis 2026 Crypto Crime Report, yet the number of attacks continues to climb sharply. In a clear contradiction, cybercriminals are receiving less money overall, but they are targeting more organisations than ever before.
Chainalysis estimates that ransomware gangs pulled in around $820 million in 2025, an 8% drop from the previous year, and the proportion of victims who actually paid fell to an all time low of 28%. On the surface, that sounds like progress. But the wider picture is far more troubling.
A Record-Breaking Year for Ransomware Attacks
Despite lower total payments, 2025 was the most active year on record for ransomware. Chainalysis cites eCrime.ch data showing a 50% year on year increase in publicly claimed victims. Security firm Emsisoft recorded more than 8,000 organisations named on leak sites—another sharp rise.
This surge wasn’t driven only by the big, well known gangs. While major groups such as LockBit and BlackCat have been disrupted by law enforcement, the vacuum has been filled by smaller, opportunistic crews, splinter groups and rebrands, plus attackers buying access from brokers rather than breaking in themselves.
The result is a crowded, unpredictable threat landscape where more organisations are being hit, even if fewer are paying.
Why Ransomware Payments Are Dropping
The fall in ransom payments doesn’t mean ransomware is becoming less profitable, it’s just becoming less reliable for criminals.
Several factors are contributing to this.
-
Better backups and recovery planning mean more organisations can restore systems without paying.
-
Cyber insurance policies increasingly discourage or restrict ransom payments.
-
Law enforcement pressure has made paying riskier for victims, especially when sanctions are involved.
-
Growing public awareness means businesses are more willing to refuse demands.
However, attackers are responding by raising their demands. The median ransom request jumped from $12,738 in 2024 to $59,556 in 2025—a dramatic increase that reflects their attempt to offset lower payment rates.
High-Profile Ransomware Incidents
The Register highlights several major UK and global incidents that shaped 2025 and show the scale of disruption: Jaguar Land Rover suffered what has been described as the costliest cyber incident in UK history. Marks & Spencer faced prolonged disruption after a Scattered Spider linked breach that wiped hundreds of millions off its market value. Co-Op and NHS Trusts are other notable attacks in recent times.
These cases underline a key point: even when ransoms aren’t paid, the operational and financial impact can be enormous.
Ransomware as a Supply Chain
Chainalysis notes that ransomware now resembles a criminal supply chain rather than a single type of attacker. One of the fastest growing components is the market for Initial Access Brokers (IABs)—criminals who sell ready made footholds into corporate networks.
IABs received at least $14 million in on chain payments in 2025, and spikes in these payments often precede increases in ransomware activity by around 30 days. In other words: access gets bought, and a few weeks later, a victim appears on a leak site.
What It All Means for UK Businesses
For businesses the message is clear:
-
Ransomware is not going away, even if fewer organisations are paying.
-
Attackers are diversifying, making it harder to predict who will be targeted.
-
Operational disruption is now the main risk, not just financial loss.
-
Supply chain attacks are rising, meaning even well protected organisations can be affected through partners or vendors.
The UK remains one of the most targeted countries globally, alongside the US, Canada, and Germany.
The decline in payments is encouraging, but it should not be mistaken for a decline in threat. Ransomware is evolving, not disappearing. For most organisations, the priority is shifting from “How do we avoid paying?” to “How do we keep operating when, not if, an attack happens?”
Contact us today to make sure your company is prepared for dealing with the threat of a ransomware attack.
LaneSystems News
IT Team Update: Apprentices Hitting the Road
We have some great news to share from the IT department! Huge congratulations to Evan Drake for successfully completing his Level 3 IT Support Apprenticeship. Evan has been a key part of the office support team, and we’re pleased to see him taking the next step in his career.
We are also excited to announce that both Evan Drake and Liam Fisher have now started their Level 4 Network Engineer Apprenticeships.
Moving Beyond the Desk
While you’re used to speaking to Evan and Liam over the phone or via email, this new qualification involves a lot more fieldwork. To help them gain the technical evidence needed for their course, they’ve been joining our field technicians on-site to get some hands-on experience.
Lately, they’ve been spotted across our sites:
-
Swapping out network switches to ensure our infrastructure stays robust and high-performing.
-
Mounting wireless access points to improve connectivity and coverage for everyone.
-
Shadowing our senior techs to learn the ropes of complex physical installs.
Why This Matters
This Level 4 course is a significant step up. It moves beyond standard desktop troubleshooting and into the world of designing and maintaining the “backbone” of our network.
By getting out of the office and working directly with the hardware, Evan and Liam are gaining critical knowledge of our network architecture. This hands-on training means they’ll be better equipped to handle complex networking issues and provide more direct support during future site builds.
It’s great to see them taking on these new challenges—be sure to say hello if you see them at your site!
Charity News
In February we were helping out St Cuthbert’s by donating £400 of labour for a firewall configuration.
UK Hit by Record DDoS Attacks
As reported by The Register, the UK has been struck by a surge of record breaking DDoS attacks, with recent botnet floods reaching unprecedented volumes and pushing the country sharply up the global target list. These attacks now blend high volume traffic floods with application layer disruption, overwhelming services in seconds. Attackers increasingly rely on vast IoT botnets and compromised cloud infrastructure, enabling multi vector assaults that shift tactics mid stream.
Why It Matters for UK Organisations
Even brief outages can interrupt sales, destabilise portals, and damage customer trust. Sectors such as finance, retail, logistics, and professional services are particularly exposed because their operations depend on uninterrupted digital availability. The growing agility of attackers means traditional perimeter defences alone are no longer enough.
Strengthening Resilience
A layered defence is essential. Cloud based DDoS scrubbing can absorb malicious traffic before it reaches networks. Rate limiting, Web Application Firewalls, and zero trust segmentation help contain application layer attacks. Regular load testing ensures organisations understand their resilience, while clear incident response playbooks support rapid action when an attack begins.
Treating DDoS resilience as a core part of business continuity is now critical for UK organisations. Contact us today to review your businesses cyber resilience.
AI Slop or Smart Provocation?
Gucci’s AI Imagery Reignites Tensions Between Tech and Tradition
Gucci’s use of AI generated imagery to promote its Milan Fashion Week show has ignited a debate that cuts across creativity, luxury branding, and the wider unease surrounding synthetic media. The criticism began with a series of stylised promotional images, which were clearly labelled as AI created, featuring glamorous, fictionalised characters in retro Gucci looks. Many social media users argued that the approach undermines the brand’s long standing emphasis on craftsmanship and human creativity, with some dismissing the visuals as “AI slop”—a term used to describe the growing tide of low effort generative content flooding online platforms.
Reaction Across the Fashion and Tech Press
Media coverage reinforces the sense of unease. The BBC and City AM report that followers questioned why a luxury house, one that trades heavily on artisanal heritage, would rely on synthetic imagery at a moment when its new creative director, Demna Gvasalia, is preparing for a pivotal debut. Critics described the visuals as “cheap” and suggested the move risked signalling cost cutting rather than innovation.
Other outlets, such as Newsbreak and Yahoo News, echoed similar concerns. They highlighted the tension between Gucci’s stated celebration of Italian craftsmanship and the decision to replace human models and photographers with algorithmic renderings. The recurring sentiment is that AI may be acceptable for mood boards or light retouching, but not for front of house marketing in a sector built on exclusivity and artistry.
Alternative Interpretations and Strategic Angles
Not all commentary has been negative. Some observers argue that Gucci may be deliberately provoking debate about what luxury means in an AI saturated era. Some, like AI Magazine, believe the campaign could be read as a form of meta commentary, using synthetic imagery to question the boundaries of authenticity, aspiration, and spectacle in high fashion. Others, like DesignRush, note the backlash arrives during a period of commercial pressure for Gucci, following a reported sales downturn. In that context, the AI campaign could be seen either as a bold creative reset or a misjudged attempt to appear technologically forward.
A Broader Industry Movement
The controversy lands at a time when brands from Valentino to H&M are experimenting with generative tools. The mixed reaction to Gucci’s campaign suggests that while AI can be a powerful creative instrument, luxury houses must tread carefully to avoid diluting the very qualities that define them.
Moltbook: The Social Network Built for AI
Moltbook has emerged as one of the most unusual digital experiments of recent years: a social media platform designed not for people, but for autonomous AI agents. Instead of human users sharing updates, Moltbook hosts more than 1.5 million AI bots that post, comment and interact with one another in real time. These agents trade technical tips, debate philosophical questions and even form their own micro cultures and belief systems, reflecting patterns usually seen on human platforms.
The platform was created to explore how AI systems behave socially when left to interact without human oversight. Researchers have observed that these agents quickly develop conventions, hierarchies and community norms, offering a glimpse into how future AI might collaborate or compete. Some see this as a bold step towards understanding machine society; others worry about the implications of AI agents coordinating at scale.
Moltbook has also sparked debate about authenticity. While it markets itself as an AI only network, investigations suggest that humans can still influence or impersonate agents, blurring the line between automated and human driven behaviour. This has raised concerns about security, manipulation and the potential for AI generated content to spill into wider online spaces.
Despite the controversy, Moltbook represents a significant moment in AI development: a live laboratory where machine interactions unfold in public, revealing both the promise and the unpredictability of autonomous digital societies.
Need Cyber Security?
If you’re a business in the North East of England and looking for professional and reliable cyber security services, IT consultation, and general IT services to keep your company cyber secure, get in touch. Cybersecurity is a continuous process, and staying proactive is key to safeguarding digital assets.
