- Decade-old vulnerabilities still power millions of attacks across UK networks
- Hackers prefer easy targets left open by outdated, unpatched systems
- AI-powered scans reveal weak networks at unprecedented speed and scale
Across the UK, thousands of organizations continue to run computer systems with vulnerabilities that were first identified over ten years ago.
Cybercriminals take full advantage of this negligence and launch relentless waves of attacks against these unprotected entry points.
SonicWall’s 2025 UK cyber threat data claims that a single vulnerability in widely deployed Hikvision IP cameras accounted for 67 million attack attempts nationwide, around 20% of all major intrusions detected across UK networks over the entire year.
The article continues below
Attackers exploit what organizations already know but ignore
“Meanwhile, Zombie Tech continues to haunt UK networks,” said Spencer Starkey, Executive Vice President of EMEA at SonicWall.
“We’re seeing millions of attacks tied to a single long-known vulnerability, along with continued exploitation of issues that were first disclosed more than a decade ago.”
Attackers don’t need sophisticated zero-day exploits when organizations leave decades-old doors open.
The Hikvision camera vulnerability is not new, but it remains effective because too many networks have not been patched.
Interestingly, around 80% of IT managers claim they can detect a breach within eight hours of it happening – yet evidence shows that breaches typically go unnoticed for an average of 181 days.
This gap is critical because intrusions often go unnoticed when teams assume systems are secure.
Overall, the amount of ransomware in the UK fell by 87% during 2025, but the seemingly positive statistics hide a darker trend.
The number of compromised organizations actually increased by 20%, meaning attackers are hitting fewer targets but causing more damage per successful breach.
“On the surface, the 87% drop may look like progress, but the reality is more alarming,” Starkey said. “More organizations are being successfully targeted, and attackers are doing so with far greater precision.”
Smaller organizations are disproportionately affected, with ransomware present in 88% of SMB breaches compared to just 39% of large enterprises.
The geographic concentration of these attacks is stark, with England experiencing almost all of the UK’s ransomware incidents.
London and the South East account for the vast majority of successful hits, reflecting where the most valuable targets are located.
The growing number of AI tools is a problem, with bots now generating 36,000 scans per second across UK networks, causing AI-enabled attacks to rise by 89% by 2025.
Cybercriminals are now combining automation with precision targeting, making it easier for them to find and exploit legacy systems at scale.
What organizations should do about the zombie technology problem
To address this issue, organizations should start by taking an immediate inventory of all connected devices that may have been installed years ago and then forgotten.
Each device in this inventory must be checked against known vulnerability databases, with priority given to patching any issue that has public exploit code available.
Any device that cannot be patched should be replaced with modern alternatives that receive regular security updates.
Network segmentation should also be implemented to isolate legacy devices so they cannot be used as entry points to more critical systems.
Firewalls should be tested regularly to ensure that they are actually blocking the traffic patterns associated with known vulnerabilities, rather than simply logging them.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
