concept

ransomware

Also known as: ransomware attacks

Facts (44)

Sources

Cybersecurity Trends and Predictions 2025 From Industry Insiders itprotoday.com ITPro Today 44 facts

perspectiveTodd Thorsen, CISO of CrashPlan, predicts that artificial intelligence will fuel the advancement of ransomware threats in 2025, leading companies to adopt broader cyber resilience programs focused on AI.

claimKrishna Vishnubhotla, VP of product strategy & threat intelligence at Zimperium, asserts that attackers are increasingly exploiting mobile platforms due to their unique vulnerabilities and weaker security postures.

measurementRansomware attacks increased by 21% in 2024.

claimThe RansomHub ransomware platform attracts affiliates by offering them up to 90% of ransom payments and is noted for its high-impact attacks and advanced deployment techniques.

claimNation-state threat attacks will shift focus from ransomware using forward-facing web applications to power grids and corporate data stored on critical hardware.

measurementA Vercara survey found that consumers are most concerned about ransomware, nation-state attacks, and phishing in 2025.

claimBalazs Greksza, threat response lead at Ontinue, expects that while some ransomware groups will fragment and rebrand in response to law enforcement pressure, only a small percentage will be deterred from continuing cybercrime activities.

claimRansomware groups are targeting critical services, which necessitates a focus on software lifecycle security and vendor verification.

measurementRansom demands are expected to surge past the 2024 average of $2.73 million as cybercriminals target high-value organizations for larger payouts.

accountThe threat actor 8Base emerged in March 2022 and utilizes double extortion tactics, which involve exfiltrating victim data before deploying ransomware, alongside advanced techniques to evade security measures.

claimJustin Shattuck, CISO of Resilience, predicts that the financial impact of ransomware attacks will continue to rise due to advancing attacker strategies, the targeting of critical industry sectors, and increasing ransom payment demands.

claimRiaz Lakhani, CISO at Barracuda, predicts that ransomware attackers will continue to target legacy industries and organizations in 2025 to maximize return on investment.

claimThe golden age of ransomware innovation has slowed because many encryptor source codes have been leaked or shared, yet financial payouts from ransomware attacks are rising.

procedureKrishna Subramanian, co-founder and COO of Komprise, recommends that organizations protect unstructured data from ransomware by moving cold, inactive data to immutable object storage where it cannot be modified.

referenceBarracuda published a threat spotlight on a ransomware campaign where threat actors targeted individuals by displaying pictures of their homes and threatening physical harm to extort payment.

measurementThe financial severity of ransomware attacks increased by 411% last year, according to research from the company Resilience.

accountThe UHC/Change Healthcare ransomware incident impacted private medical practices by disrupting revenue cycle management.

perspectiveDaniel dos Santos, head of security research at Forescout Research and Vedere Labs, expects that while ransomware strategy will not change significantly in the coming year, there will be an increase in cases and organizations exposing victims on data leak pages.

measurementRansomware attacks increased by 81% between 2023 and 2024.

accountSelena Larson, staff threat researcher at Proofpoint, observes that ransomware operators have shifted from targeting individual consumers to 'big game hunting' enterprise businesses for tens of millions of dollars over the last two decades.

claimNorth Korea will continue using ransomware and crypto theft to sustain its regime.

perspectiveCybersecurity strategies must shift toward advanced data protection, AI-driven threat detection, and continuous employee training to mitigate risks from sophisticated phishing and ransomware attacks.

claimRansomware groups are evolving tactics to increase pressure on victims by encrypting company data, exfiltrating sensitive information, and threatening to release it publicly if the ransom is not paid.

perspectiveKrishna Vishnubhotla advises CISOs to prioritize advanced app-level security, phishing defenses, and proactive monitoring in mobile environments to counter the threat of ransomware.

accountIn early 2024, ransomware groups targeted large organizations serving critical societal functions, specifically citing Change Healthcare and Ascension Healthcare as examples.

claimLarge legacy organizations are vulnerable to ransomware because they often have smaller in-house IT teams and rely on third-party partners to maintain systems, which increases the attack surface.

claimHackers have shifted their focus to supply chain vulnerabilities because a single attack can disrupt hundreds or thousands of companies simultaneously, increasing potential ransomware payouts and providing access to large amounts of data for sale on the black market.

claimAlex Holland, principal threat researcher at HP Security Lab, predicts that threat actors will use AI to craft highly successful ransomware campaigns in 2025.

claimRansomware extortion methods, including double extortion using data leaks, triple extortion with DDoS attacks, accelerated encryption, and attacks on virtualization servers, were common up to 2022.

claimKrishna Subramanian, co-founder and COO of Komprise, asserts that unstructured data is highly vulnerable to ransomware attacks due to its large surface area, widespread use, and rapid growth, and that cybercriminals can use it as a Trojan horse to infect enterprises.

claimMichael Smith, field CTO at Vercara, asserts that businesses failing to prioritize protection against ransomware, nation-state attacks, and phishing will be especially vulnerable, putting customer trust and data at heightened risk.

claimFederal agencies are heavily investing in system detection to monitor for potential bad actors due to global factors such as geopolitical conflict and the rising threat of ransomware.

measurementZimperium's Mobile Banking Heist Report found that in 2023, 29 malware families targeted 1,800 mobile banking apps, with several showing early-stage ransomware capabilities.

measurementAccording to the 2023 Verizon Data Breach Investigations Report (DBIR), ransomware or extortion was involved in nearly one-third of all data breaches.

claimCredentials exposed in infostealer logs serve as a primary gateway for enterprise attacks, providing initial access that often leads to ransomware or data extortion.

claimLegacy organizations in sectors like airlines, railways, and energy production are top targets for ransomware in 2025 because they manage complex blends of hardware and software across continents and often rely on older systems.

claimIn 2025, cybercriminals are expected to exploit supply chain vulnerabilities, ransomware, IoT botnets, and AI-driven social engineering.

perspectiveBob Bobel, the CEO and founder of Cayosoft, predicts that ransomware groups will increasingly target critical infrastructure organizations in 2025 because these targets are more likely to pay high ransoms to resolve the urgent disruptions caused by such attacks.

claimBalazs Greksza, threat response lead at Ontinue, predicts that in 2025, larger and more successful ransomware groups will face increased international attention from law enforcement, leading to more takedowns, extraditions, and arrests.

claimRansomware attacks are increasing year over year and the number of groups launching these attacks is rising, despite international law enforcement operations that have broken up large criminal cartels.

claimDanielle Coady, vice president at Index Engines, states that data integrity has become a top organizational priority due to the rise in ransomware attacks.

claimNew models capable of analyzing massive amounts of public and stolen data will be used to create tailor-made ransomware that matches a customer's specific situation and requests a perfect ransom amount.

claimIn 2025, ransomware will increasingly serve as a precursor to larger attacks, with the primary threat shifting toward data exfiltration and extortion, particularly in highly-regulated industries like healthcare where breach disclosure is mandatory.

claimBob Bobel expects a sharp increase in demand for disaster recovery solutions in 2025 to complement existing frontline defense solutions against ransomware.