If you’re not scared that your network might fail or be attacked, you should be. It’s that time of year where wicked witches are once again terrorising WAN backups and more! Bridgeworks breaks the curse in this feature from GPSJ.
October 31, 2025
It’s that time of year again – Halloween – when the ghosts and witches are expected to come out to cause havoc. When it comes to phishing attacks, it’s a game of trick rather than of treat. Check Point writes in its blog, ‘Halloween Frights of the Digital Age: Cyber Threats Haunting Us in 2024’ that in the third quarter of last year, there was a 75% increase in cyber-attacks worldwide. In another blog, the company says that this equates to an “average of 1,876 cyber-attacks per organisation, marking a 75% increase compared to the same period in 2023 and a 15% rise from the previous quarter.”
In its blog, ‘A Closer Look at Q3 2024: 75% Surge in Cyber Attacks Worldwide,’ the company provides an industry-wide breakdown: “The Education/Research sector was the most targeted with 3,828 weekly attacks, followed by the Government/Military and Healthcare sectors, with 2,553 and 2,434 attacks, respectively.” The cyber-security firm adds that Africa faced the highest average of attacks at 3,370 per week (+90% YoY), “while Europe and Latin America also saw significant increases.”
Ransomware: Persistent threat
Ransomware sits out as one of the most persistent threats. This time last year, 1,230 incidents were reported. North America was most affected with 57% of the attacks occurring there. Not far behind are the cyber-attacks on Europe, which had to deal with 24% of the ransomware attacks. Coupled with phishing attacks, this is perhaps the most serious form of attacks for public sector organisations, as a ransomware attack could cripple their ability to provide public services, and to operate more generally.
Cyber-security firm, Guardz, warns: “Employees overloaded with emails might miss the common tactics used by attackers, such as domain spoofing, look-alike URLs and manipulated sender headers that make a message appear to come from a trusted source. This was the case in a recent Microsoft 365 phishing campaign exploit earlier this year, where attackers were even able to evade SPF, DKIM and DMARC security measures.”
The firm reveals that new recruits are the most likely to unwittingly start a phishing attack – citing an article by Help Net Security, with the headline: ‘71% of new hires click on phishing emails within 3 months.’ Anamarija Pogorelec, Managing Editor of Help Net Security, writes: “Based on data from 237 companies across various industries, the 2025 New Hires Phishing Susceptibility Report found that new hires are 44% more likely to fall for phishing and social engineering scams than longer-term employees.”
Business Email Compromise
Guardz also warns that Business Email Compromise (BEC) attacks are another one to watch out for during the Halloween period. So, you thought a phishing scam was spooky, but in the first quarter of 2025, BEC attacks accounted for 37% of all email scam attacks. The firm says 73% of them impersonate someone senior – usually a company’s CEO or another C-suite executive. Invoice fraud is next on the list, as it ranks high in its use for BEC attacks, targeting HR and payroll teams by “impersonating legitimate vendors, company executives or internal finance contacts to extract sensitive data or credentials.”
Malware poses a significant threat, too. Jordan Snapper, writing for Guardz, continues: Halloween wouldn’t be complete without a cunning cyber threat actor that usually comes in the form of a sneaky file attachment. That ghostly threat, better known as malware, can silently infiltrate systems, exfiltrate sensitive dataor create backdoors for further attacks.”
Then there is fileless malware, which he explains “operates entirely in memory, leveraging legitimate system tools, such as PowerShell, WMI or macro-enabled Office documents to execute harmful code or run malicious commands when opened, all without leaving traditional files on disk.”
He adds: “Talk about an unpleasant Halloween surprise; fileless malware makes it virtually impossible for traditional antivirus tools to detect. MSPs that manage remote teams and contractors face a greater risk, as attackers often exploit unsecured endpoints and unmanaged devices to inject malicious scripts directly into memory. Without proper endpoint coverage and visibility, a threat actor can take control of a remote Windows session, execute commands, and deploy payloads while appearing as a legitimate user.”
In this case, the goal could be to slowly crash systems or to gain long-term undetected access to critical infrastructure. It also doesn’t matter whether your teams are working in an office, or remotely. They are all potentially vulnerable to attack unless the right training and precautions are put in place to forestall any kind of attack – including ones that aim to cause a data breach that could lead to a breach of GDPR and significant fines, lawsuits, and damaged reputations.
Danger: Windows 10’s demise
With support for Windows 10 now ending this month, October 2025, there is also concern about whether Microsoft could be leaving millions of users in the lurch – vulnerable to cyber-attack as many of them won’t be receiving any security updates in the push by Microsoft to get its customers to migrate to Windows 11. This is as true of public sector organisations, as it is of companies in the private sector, and of individuals.
British newspaper, The Guardian, headlines this as: ‘Millions in UK at risk of cyber-attacks as Windows 10 ends updates, Which? finds.’ Written by Robert Booth, the newspaper’s UK technology editor, its standfirst claims: “Survey shows one in four users intend to keep using system as it is phased out, despite increased virus and malware risk.” That’s at least 21 million people who use a device that runs Windows 10 software intend to keep using the operating system after updates cease, leaving them at risk of online security breaches – including malware and viruses, according to a survey by the consumer watchdog Which?
As for the public sector, Google AI says: “There is no exact number for how many Windows 10 machines in the public sector will be replaced by Windows 11, as this is a complex, ongoing transition. However, it’s clear a significant number of public sector machines will be replaced because many older computers are not compatible with Windows 11, which requires specific hardware. Organisations are facing increased budget pressure to fund these replacements to ensure security, with some already budgeting for new devices or extended support.”
Back up, back up!
With increasing volumes of data also being stored in the cloud, public sector organisations should actively and regularly back up their data. However, these systems aren’t immune from attack, and so there is a need to back up and restore data rapidly. One of the traditional responses to this issue has been WAN Optimisation, but it can’t send and receive encrypted data. Increasingly popular in the public sector are SD-WANs, but they also need a boost in their performance with a WAN Acceleration overlay.
To have the ability avoid any disruption caused by a cyber-attack, or to restore operations quickly, and to keep data safe – away from the threat actors, it’s firstly important to have data stored in 3 disparate disaster recovery, situated miles from each other. Next to ensure that your data backup and restore activities also obfuscate cyber-criminals, it’s vital to deploy a technology that uses artificial intelligence, machine learning, and data parallelisation – and that unique technology is WAN Acceleration.
With this, you can dramatically improve data throughput up to 98% of bandwidth – regardless of distance. It’s a technology that is being used by CVS Caremark in the U.S, and by the National Institutes of Health. The latter has global data transfer requirements as it is also the world’s biomedical research agency. As for CVS, it connected two virtual tape libraries over 2,860 miles at full WAN bandwidth. This achieved a performance gain of 95 times the unaccelerated performance.
Still, while this technology goes a long way forward to protect data and systems that store and use it, organisations also need to ensure that they put other cyber-security technologies, training, policies and procedures in place. Whether at Halloween, or at any other time of the year, public sector organisations need to be forearmed to prevent and forestall cyber-attacks – no matter what kind of cyber-attack is launched against them. It’s cheaper because it saves time, money, and reputations. By putting prevention before a cure ahead of any reactive response, the cyber-criminal ghouls will be kept away.