- Ransomware attacks impacted 24% of organisations in 2025, up from 18.6% in 2024
- 77% of CISOs identify AI-powered phishing as a significant and emerging threat
- Only 46% of organisations hold ransomware insurance, down from 54.6% in 2024
New research by leading cybersecurity provider Hornetsecurity reveals that a quarter (24%) of businesses reported falling victim to ransomware attacks in 2025 – a notable rise from 18.6% in 2024. These findings, part of Hornetsecurity’s annual Ransomware Impact Report, signal the end of a three-year decline in such incidents.
Ransomware Attacks Targeting Businesses
The surge in attacks comes as cybercriminals diversify their tactics and exploit emerging technologies to evade defences. Traditional phishing remains the primary attack vector, accounting for nearly half of incidents (46%), but the report highlights a growing reliance on compromised endpoints (26%) and stolen credentials (25%) as increasingly common points of entry.
Despite the uptick in attacks, fewer businesses are securing ransomware insurance. Just 46% of organisations reported having coverage against such incidents in 2025, compared to 54.6% the previous year.
Commenting on the findings, Daniel Hofmann, CEO of Hornetsecurity, said: “Following a multi-year decline in ransomware attacks, 2025 marks a critical turning point for organisations to strengthen their security against faster, smarter, and AI-automated ransomware attacks.
“It is concerning to see a reduction in businesses investing in ransomware insurance while attacks are on the rise. It’s worth noting, however, that it has become more difficult than ever for businesses to procure insurance for these situations. While hackers continue to use a wider variety of tactics, it’s clear that organisations must increase their security provisions if they are to succeed against these nefarious actors. For example, next-gen email security solutions are effective in keeping threats from reaching inboxes, while security awareness solutions help end-users spot more advanced threats like social engineering. Pair those with immutable backup storage and you have an effective strategy for guarding critical data against ransomware. These tools are effective whether the business is insured for ransomware or not.”
