Decade-Old Vulnerabilities Continue to Fuel Millions of Cyberattacks in the UK

Legacy vulnerabilities persist in the UK because many organisations rely on hardware and software that were never designed for regular patch cycles. Devices such as older IP cameras, industrial controllers, and legacy firewalls often lack vendor support, leaving security teams with costly workarounds or forced replacements. Budget constraints, fragmented IT estates, and a shortage of skilled staff further delay remediation, turning what should be a short‑term fix into a decade‑long exposure that cybercriminals can reliably exploit.

The impact is most pronounced among small and medium‑size businesses, where 88 % of breaches now involve ransomware. While overall ransomware volume has dipped, the 20 % rise in successful compromises shows attackers are extracting more value per intrusion, often leveraging AI‑powered bots that scan for known flaws at scale. The 89 % surge in AI‑enabled attacks underscores a shift from bespoke exploits to automated, high‑volume campaigns that overwhelm traditional defenses, forcing organisations to rethink threat‑intel and detection strategies.

Industry response emphasizes proactive inventory, rapid patching, and network segmentation. SonicWall’s recent firmware updates for three critical CVEs illustrate the need for timely vendor collaboration, while experts advise replacing unpatchable hardware and regularly testing firewall rules. For SMBs, adopting a risk‑based approach—prioritising assets that handle sensitive data—can maximise limited resources. As AI tools become more accessible, continuous monitoring and adaptive security architectures will be essential to curb the tide of attacks rooted in outdated, unpatched technology.