2025 Ransomware Risk Report

The top cybersecurity challenge facing organizations is the sophistication of attacks (37%).

The second biggest cybersecurity challenge facing organizations is attacks against organizations' identity infrastructure, most commonly Active Directory (32%).

In the US, the rate of regulatory blackmail threats (hackers threatening to file regulatory complaints against victims if they didn't report the ransomware incident) jumped to 58%, representing a 23% increase.

US-based companies experienced physical threats in 46% of ransomware attacks.

47% of attacked companies across various countries (US, UK, France, Germany, Spain, Italy, Singapore, Canada, Australia, New Zealand) reported that hackers threatened to file regulatory complaints against them if they didn't report the ransomware incident.

Nearly 20% of companies that paid a ransom either received corrupt decryption keys or the hackers still published stolen data

11% of companies paid ransoms three times or more.

In 40% of ransomware attacks, threat actors threatened to physically harm executives at organizations that declined to pay a ransom demand.

44% of German firms experienced physical forms of intimidation in ransomware attacks.

69% of companies victimized by ransomware paid a ransom.

38% of companies that paid ransoms did so multiple times.

In the US, 47% of companies paid ransoms multiple times.

In Singapore, the extortion threat in ransomware attacks surged to 66%, a jump of 40% and the highest among the surveyed countries.

In Singapore, 50% of companies paid ransoms multiple times.

50% of respondents cited cybersecurity threats as the top threat to business resilience.