New research from cybersecurity leader Hornetsecurity reveals that ransomware attacks against businesses are on the rise again. In 2025, 24% of organizations reported experiencing a ransomware incident, a notable jump from 18.6% in 2024. This increase marks the end of a multi-year decline in such attacks, according to Hornetsecurity’s annual Ransomware Impact Report.
The uptick is largely driven by cybercriminals adopting more advanced methods and leveraging emerging technologies to bypass traditional defenses. While conventional phishing remains the top attack vector—accounting for 46% of incidents—other tactics, including exploiting compromised endpoints (26%) and stolen credentials (25%), are becoming increasingly prevalent.
Despite the growing threat, fewer organizations are investing in ransomware insurance. Less than half (46%) of businesses now have coverage, down from 54.6% in 2024.
Cyber Technology Insights : Databricks Data Intelligence Platform for Cybersecurity Launches with BigID
CEO Daniel Hofmann Comments on Rising Threats
Daniel Hofmann, CEO of Hornetsecurity, stated, “After years of declining ransomware incidents, 2025 represents a pivotal moment for organizations to reinforce their defenses against faster, smarter, and AI-driven ransomware attacks. It’s concerning to see fewer businesses securing ransomware insurance even as attacks increase. Obtaining insurance has become more challenging, making it essential for organizations to bolster their security strategies.”
Hofmann highlighted the importance of a layered defense: next-generation email security to prevent threats from reaching inboxes, user awareness programs to counter social engineering, and immutable backup systems to protect critical data. These measures provide protection whether or not a business holds ransomware insurance.
AI-Powered Threats and Business Preparedness
The report noted a decrease in overall phishing attacks over the past year (46% in 2025, down from 52.3% in 2024). However, the rise of AI-generated phishing is a growing concern, with 77% of CISOs identifying it as a major emerging threat.
Encouragingly, improved preparedness appears to be reducing the impact of attacks. The proportion of victims paying ransoms dropped to 13% in 2025 from 16.3% in 2024. Most organizations have implemented robust recovery measures, with 82% maintaining a Disaster Recovery Plan and 62% using immutable backups.
Cyber Technology Insights : Quest Software Announces New AI-Enabled Capabilities Across Identity, Data, and Migration Platforms
Cybersecurity Training Still Falls Short
Although 74% of organizations report offering end-user training on ransomware, 42% of security leaders admit their training remains insufficient or ineffective. Hornetsecurity warns that “false compliance”—when organizations meet minimum cybersecurity awareness requirements without meaningful follow-up—continues to pose a risk, especially against sophisticated phishing and social engineering attacks.
Leadership and Governance Lag Behind
Human error remains the leading cause of security incidents. According to Proofpoint, which recently announced plans to acquire Hornetsecurity, 66% of CISOs identify human factors as the primary attack vector, particularly for data leaks and internal breaches. While cybersecurity training is improving, it is often superficial, reinforcing the limitations of “check-box” compliance programs.
Hofmann emphasized, “Effective cybersecurity awareness requires ongoing, relevant, and personalized training, ideally automated through AI-powered solutions like our Security Awareness Service. While it’s encouraging to see fewer ransom payments, organizations cannot afford complacency. The modern standard for defending against ransomware involves a comprehensive, proactive cyber-defense strategy that protects against breaches, prevents future attacks, and ensures rapid recovery.”
Cyber Technology Insights : Wing Security Evolves into an AI Security–Centric Company, Extends Platform
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
