Key US cyber law expires, and other cybersecurity news

Akshay Joshi
Head of the Centre for Cybersecurity, Member of the Executive Committee, World Economic Forum
- Ahead of the Annual Meetings of the Global Future Councils and Cybersecurity, read this regular round-up of key cybersecurity stories from the past month.
- Top cybersecurity news: Cybersecurity Information Sharing Act expires; US Secret Service stops telecoms threat; Major cyber attack on European airports.
- The World Economic Forum’s Centre for Cybersecurity provides an independent and impartial platform to reinforce the importance of cybersecurity as a strategic imperative and drive global public-private action to address systemic cybersecurity challenges.
1. Major US cybersecurity law expires
The Cybersecurity Information Sharing Act (CISA), a major piece of US legislation on cybersecurity, expired on 1 October, 2025, amid a government shutdown.
The law encourages and facilitates information sharing between the private and public sectors on cyber threats, with the Department of Homeland Security acting as a central hub and distributing information around threats to relevant agencies and partners.
It gives private companies legal protections when sharing information in good faith, shielding them from lawsuits for sharing relevant, non-private threat data.
While the Department of Homeland Security said it would preserve the platform during any lapse, the absence of the CISA could cause a drop in information sharing by as much as 80%, according to attorneys from the WilmerHale law firm. They argue that "without the critical protection for legal privileges - and the perceived need for liability and antitrust protections - private entities are less likely to voluntarily share information with the federal government or private entities due to a perceived increased risk."
2. Telecom threat shut down near UN General Assembly
The US Secret Service shut down a network of more than 300 SIM servers and 100,000 SIM cards that could have disabled cellular systems as world leaders gathered in New York for the United Nations (UN) General Assembly on 23 September.
This equipment was reportedly capable of texting the entire population of the US within 12 minutes, or disabling mobile phone towers and launching distributed denial of service attacks that might have blocked emergency dispatch communications, as the special agent in charge, Matt McCool, shares in this interview with the BBC below.
These devices were discovered within 35 miles (56 kilometres) of the UN's General Assembly, posing a significant threat. As US Secret Service Director Sean Curran put it: “The potential for disruption to our country’s telecommunications posed by this network of devices cannot be overstated.”
3. News in brief: Top cybersecurity stories this month
A cyber attack on the weekend of 19 September targeting aviation IT provider Collins Aerospace caused major disruption across European airports. Authorities have since made one arrest in connection with the attacks and determined that a piece of ransomware known as HardBit was used. This incident is an urgent wake-up call on the need to build greater, more collaborative cyber resilience across all critical infrastructure. Find out more from our explainer below.
A cyber attack on Jaguar Land Rover's systems in the UK, Slovakia, India and Brazil has left its factories shut down for weeks. The slow return to business as usual has led to the UK government stepping in to underwrite a five-year $2bn loan guarantee. The return to normal could be slow, with its supply chains facing weeks of uncertainty ahead.
A gang of cyber criminals has reportedly stolen the pictures, names and addresses of around 8,000 children registered with the Kido nursery chain - which has sites in London, the US and India - and is demanding a ransom from the company. The stolen data includes safeguarding notes and other sensitive information - "an absolute new low", says cybersecurity firm Check Point.
A record-breaking distributed denial of service (DDoS) attack has been reported by web performance and security company Cloudflare. The attack peaked at 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps), and lasted 40 seconds. The previous record was also recorded by the company, at 11.5 Tbps and 5.1 Bpps at the start of September 2025.
The chart below outlines the growing number of DDoS attacks around the world.
Co-op has revealed that a cyber attack it experienced in April 2025 will cost the organization about $161 million in lost profit this year. The British retailer was forced to temporarily shut down several systems to contain the threat, which led to operational disruption, including affecting food availability in stores.
That was just the cost for one company - now imagine a whole country. A survey by industry group Bitkom has looked at just that. It estimated the cost of cyber attacks on the German economy over the past year at almost $352 billion. Ransomware was the most common software used in these attacks, with 34% having suffered such attacks, up from just 12% in 2022.
4. More about cybersecurity on Forum Stories
AI agents: These autonomous systems have exploded in popularity, but organizations must prioritize security, interoperability and visibility when building them, warns Okta’s President, Eric Kelleher. AI agents are making significant productivity gains for businesses across industries, but they also open them up to new cybersecurity threats. Only 10% of respondents to an Okta survey of 260 executives report having a well-developed strategy for managing their non-human and agentic identities. This poses a significant security concern, considering 80% of breaches involve some form of compromised or stolen identity. Learn more about managing this growing cyber threat in this article.
Innovations are only as valuable as they are secure: Cybersecurity is often viewed as a hurdle to efficiency, when in reality the opposite is true. Cybersecurity done right protects your innovations and progress, serving as a launchpad into the future. Check Point's Chief Revenue Officer, Itai Greenberg, explores why companies must implement security measures that are business-enabling, while delivering outcomes at the speed of AI, in this article.
Embodied AI: This technology refers to physical systems, such as robots, that can perceive, decide and act in dynamic real-world environments. This combination of hardware and AI is already reshaping sectors, from industrial robotic arms transforming manufacturing to autonomous mobile robots reimagining logistics and service environments such as hospitals, hotels and retail stores. Kearney's Raphael Preindl and the Forum's Pierre Maury break down its possibilities and the path forward for these technologies in this article.







