Cyber Crisis: Is the UK public losing faith in cybersecurity and data protection?
Ensuring better online safety amidst recent high profile cyber-attacks
With cyberattacks dominating UK headlines in recent weeks, it’s clear that staying safe online is no longer an option but essential to our everyday online lives.
To better understand how the UK public feel about their online safety, we have launched new consumer research exploring the public’s attitudes, personal hacking experiences, and whether they trust businesses to protect their data.
This follows from last year’s IET World Password Day research (May 2024) which showed that only one in five people in the UK could correctly identify a secure password over a compromised one, with a fifth of people using the same password for multiple websites and devices.
Cybercrime: The growing threat
- 1 in 3 UK adults say they've seen more hacking this year than ever before
- Half the public fear cyber attacks – but action remains limited
- Over a third don’t know what to do after a cyber hack
- 14% have already fallen victim to cybercrime
- Fear is widespread:
- 56% worry about future hacks
- 74% believe hackers are getting more inventive
- 67% say they’re harder to detect
- Yet 1 in 5 still dismiss the risks as “overexaggerated”
Daily digital attacks
- Fraudulent messages flood platforms:
- 18% on Facebook
- 17% on WhatsApp
- 14% via text
- 12% on Instagram
- Even after being hacked:
- Only half monitor accounts more closely
- 1 in 8 change nothing
- Just 27% of 16–24 year olds increase vigilance
Who’s responsible?
- 70% say businesses must do more to protect personal data
- 66% want government action and public awareness campaigns
- Only 24% feel their data is secure
- Over a quarter suspect companies sell data without consent
- Many now avoid sharing personal info, aware of its financial value
How cybercriminals strike
Tactics are diverse, evolving, and increasingly sophisticated with multiple attack routes across:
- Hacked email, social media, banking accounts
- Romance scams and fake investments
- Phishing texts, malware apps, infected devices
What do our experts say
Dr Junade Ali, cyber security and digital forensics expert and Fellow at the IET said:
“Cybersecurity remains a key threat to our critical national infrastructure and to our own lives. These findings show that while awareness of cyber threats is growing, there’s still a gap in confidence and preparedness.
"We must continue to educate and empower the public to take control of their digital safety. By following best practice, and staying alert, we can all help secure ourselves and society at large.”
Anni Feng, Chair of the IET’s Digital Futures Policy Centre said:
“The research highlights the growing range of tactics used by cybercriminals, which are becoming increasingly difficult for people to detect. For some of these tactics, the first step might not even take place online.
"QR codes, for example, have become part of everyday life – used at GP practices for check-in, in museums to provide visitor information, and at conferences to join live polls. Because they appear in trusted environments and serve legitimate purposes, we might not always pause before scanning and clicking on the link.
"As a community of engineers and technologists, we have the responsibility to firstly stay informed and engaged with the topic of cyber security and secondly design systems/infrastructure with this in mind to support users making safe choices and enable cyber resilience.”
Dr Graham Herries, Chair of the IET’s Policy Oversight Committee said:
“Cyber threats are evolving faster than ever, and the UK’s recent breaches are a stark reminder that our digital defences are only as strong as the people behind them.
"To close the capability gap, we must inspire and equip the next generation of tech talent – especially in cyber security, automation, and engineering – before the risks outpace our readiness."
Tony Neate, CEO at Get Safe Online said:
"Most of us use the internet more than ever, and in fact there doesn’t seem to be much that we can’t do online. But because of the scams, disrespectful behaviour and inappropriate content that have unfortunately become so commonplace, it’s essential that we all look after ourselves, our families, finances, devices and workplace as best we can.
"Three simple basic tips to remember – always install your software updates, use passwords that are unique and not connected to your personal life and if something seems too good to be true it probably is. If you want to check out lots more advice, check out our Back-to-Basics tips at www.getsafeonline.com."
Rimesh Patel, IET member and Independent Cyber Specialist said:
“The research underscores the urgent need for enhanced cybersecurity as the UK advances toward a digital future. Successful Industry 4.0 integration across global sectors will depend on robust, cyber-secure foundations, with users at the heart of every digital transaction.
"The findings highlight the critical need for greater security awareness and the need for trust in data handling mechanisms. While vendors are beginning to address emerging challenges, both public and private service providers must position users as active partners, not just passive consumers.
"This shift will drive the need for Digital Sovereignty, helping to spearhead the trust necessary for secure digital interactions. As the UK population starts to transition into online services that leverages A.I, the success of our digital ecosystems will depend on built in safeguards to cybersecurity and acknowledging that basic cyber awareness is now a prerequisite for modern life for all.”
Passwords and authentication
- Use strong, unique passwords for every account
- Prefer long, randomly generated passwords or passphrases (e.g., three unrelated words)
- Protect your email account with a strong password, biometrics, and secure device PIN
- Use a reputable password manager to store and generate credentials
- Explore password-less options like passkeys, biometrics, or hardware security keys
- Enable Two-Factor Authentication (2FA) on all critical accounts — use apps or tokens over SMS.
Data protection and device security
- Back up important data using trusted cloud services or encrypted external drives
- Keep software and devices updated to patch vulnerabilities
- Avoid using unsupported devices that no longer receive updates
- Set a PIN for your SIM card to prevent account takeovers
- Set up account recovery options and designate trusted contacts for critical accounts.
Online safety and privacy
- Be cautious of phishing and social engineering – verify links, emails, and messages
- Limit app permissions to reduce access to personal data
- Avoid sensitive activities on public Wi-Fi – use a trusted VPN if needed
- Secure devices with auto-lock, strong passcodes, or biometric authentication
- Monitor accounts for unusual activity and enable login alerts.