What UK Businesses Can Learn from Cyber Siege: From Russia to Redcar and the £10 Million Ransomware Attack
Published by Bondgate IT | May 2025
As featured in the BBC’s
Cyber Siege: From Russia to Redcar
If you think ransomware can’t happen to your business, think again
If you rely on IT teams alone to handle cybersecurity, use backups you’ve never tested, or think phishing training is a one-time thing, you may be one click away from disaster.
In early 2020, Redcar & Cleveland Borough Council became the victim of one of the most catastrophic ransomware attacks in UK local government history. Overnight, council services collapsed. Websites went dark. Bins weren’t collected. More than 135,000 residents were left without essential services.
- The cost: Over £10 million
- The recovery time: Nearly 10 months
- The cause: One phishing email
At Bondgate IT, we saw the fallout firsthand. As a North East-based cybersecurity partner, we were invited by the BBC to contribute expert commentary in Cyber Siege: From Russia to Redcar.
In this article, we will unpack six critical lessons from the Redcar attack and explain how your organisation can avoid the same fate.
1. Phishing Starts with People, Not Code
“It looked friendly and familiar — except it wasn’t. That’s the doorway.”
— Garry Brown, Managing Director, Bondgate IT (BBC Cyber Siege)
Cybercriminals exploit trust, not just software vulnerabilities.
Redcar’s systems were breached via a phishing email, a tactic used in more than 90 percent of global cyber incidents. This wasn’t a sophisticated exploit. It was a failure to detect deception.
- Has your staff been trained to spot phishing attempts in the last 6 months?
- Do you simulate attacks to measure how people respond?
- Are your team members cyber-aware or just cyber-fatigued?
Take action: Explore phishing training options
2. Backups Won’t Save You If They’re on the Same Network
Redcar’s onsite backups were encrypted along with everything else.
Many businesses assume backups make them safe. But if those backups are on the same network or haven’t been recently tested, they are a false safety net.
Take action: Learn how to set up immutable, offsite backups
3. Silence During a Crisis Makes Things Worse
Confusion and vagueness erode trust fast.
Redcar’s early communications were vague and inconsistent. Many staff members didn’t know what had happened, and residents were left in the dark.
4. Cybersecurity Is Not Just an IT Issue
This was not a server issue. It was an organisational breakdown.
Cyber risk affects your finances, operations, leadership and reputation. Every team member and department plays a role in defence.
5. Recovery Takes Longer Than You Think
Redcar’s rebuild lasted nearly 10 months — and that’s not unusual.
Cyber recovery goes far beyond IT. The impact on operations, budgets, and mental health can linger for months. Planning for long-term recovery is essential.
Take action: Assess your organisation’s recovery plan
6. You Don’t Have to Face This Alone
Bondgate IT helps UK councils, SMEs, and schools stay one step ahead of ransomware and cyber threats.
From phishing simulations and Cyber Essentials to incident response and board-level strategy, we help your team build real cyber resilience.
Book a Free Cyber Health Check
Don’t wait until you're in the news. Identify vulnerabilities before attackers do.
Conclusion: What Will You Do Differently After Redcar?
At the end of the day, we’ve all underestimated cybersecurity at some point whether by skipping training, delaying backups, or assuming “it won’t happen here.”
Redcar’s £10 million mistake is your wake-up call. Now that you’ve learned the six most critical lessons from their story, it’s time to take action.
Your next step is simple: Start by assessing where your current defences fall short. Download our checklist, book a free checkup, or speak with your IT team today.
We’re Bondgate IT — and we’re here to help your organisation stay resilient, vigilant and prepared.