Microsoft

Business Email Compromise (BEC) accounted for 21% of successful cyber attacks, surpassing ransomware at 16%.

Data theft accounted for 37% of cyber-attacks, while 33% had an extortion component and 19% involved ransomware or destructive activity.

28% of breaches in 2025 were initiated through phishing or social engineering.

Over 40% of ransomware attacks in 2025 had a hybrid component.

The total cybercrime value in Africa jumped from $192 million to $484 million in the past year.

AI-powered phishing campaigns achieve a 54% click-through rate, over four times higher than traditional phishing.

AI-driven phishing is now three times more effective than traditional phishing campaigns.

The number of cybercrime victims in Africa rose from 35,000 to 87,000 in the past year.

52% of all cyberattacks with known motives are driven by extortion and ransomware as of October 22, 2025.

Phishing-resistant multi-factor authentication (MFA) can block over 99% of identity-based attacks.

In 80% of cyber incidents, attackers aimed primarily to steal data.

There has been a 195% global increase in AI-generated identities used to bypass verification systems.

Microsoft processes over 100 trillion signals daily and blocks approximately 4.5 million new malware attempts each day.

The use of AI-driven forgeries grew by 195% globally in 2025.

In 2025, Microsoft thwarted $4 billion in fraud attempts and blocked 1.6 million bot-driven or fake account sign-ups every hour.

Espionage accounts for only 4% of cyberattacks, indicating a shift toward financially motivated cybercrime rather than state-sponsored operations as of October 22, 2025.

Microsoft estimates that the cost to mitigate basic cyber risks across all approximately 2,100 rural hospitals in the U.S. would be between $70 million and $75 million.

Just 29% of the surveyed rural hospitals separated basic accounts from more privileged accounts with broader system and data access.

Most of the approximately 1,000 independent rural hospitals are not part of a larger hospital network or system

More than 62% of rural hospitals struggle to implement basic email security, multifactor authentication, and network segmentation.

On average, each rural hospital would need to spend between $30,000 and $40,000 to address their cybersecurity vulnerabilities.

Only 43% of the surveyed rural hospitals ran vulnerability scanning or conducted timely patching processes.