Scienza e Tecnologia
First increase in ransomware attacks in three years driven by new technology
While attacks are increasing, the number of organisations investing in ransomware insurance is down year on year, with less than half of all businesses (46%) making sure they are insured against these attacks, compared to 54.6% last year.
The study showed an overall reduction in phishing attacks over the past 12 months (52.3% in 2024 vs 46% in 2025). However, the increase in the use of AI-generated phishing was identified by over three quarters of CISOs (77%) as a growing threat.
Despite new and emerging challenges, preparations and improvements in recovery capabilities appear to be paying off, with the proportion of victims paying ransoms at 13% compared to 16.3% in 2024. Improved preparedness has become standard, as 82% of organisations surveyed now have a Disaster Recovery Plan, and 62% utilise immutable backups.
While the research showed positive actions from businesses when it came to certain cybersecurity provisions, cybersecurity training is shown to still be lacking. While three quarters (74%) of organisations reported offering end-user training against ransomware attacks, over two fifths of security leaders (42%) admitted that their training was insufficient or ineffective.
The report discusses the growing issue among small and mid-sized businesses (SMBs) of "false compliance". This occurs when organisations meet a superficial level of cybersecurity awareness, often through check-box training, but lack adequate follow-up. This contributes to ongoing human error, particularly when sophisticated phishing and social engineering tactics are employed.
According to Proofpoint (that recently announced its planned acquisition of Hornetsecurity), human error remains the dominant source of incidents: 66% of CISOs identify the human factor as the primary attack vector, particularly in terms of data leaks and internal compromise. Although training is improving, it often remains superficial (42% consider it inadequate). These findings corroborate Hornetsecurity's conclusions on the limitations of "compliance tick-box" programmes.
For more information about Hornetsecurity's 2025 Ransomware Report, click here.
Results gathered from a global quantitative survey of 386 IT professionals, conducted by Hornetsecurity in August 2025 .
Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 120 countries through its international distribution network of 12,000+ channel partners and MSPs. Its premium services are used by more than 125,000 customers. For more information, visit www.hornetsecurity.com.
Image - https://mma.prnewswire.com/media/2782872/Hornetsecurity_1.jpg
Image - https://mma.prnewswire.com/media/2782873/Hornetsecurity_2.jpg
Logo - https://mma.prnewswire.com/media/2033076/5532271/Hornetsecurity_Logo.jpg
View original content:https://www.prnewswire.co.uk/news-releases/first-increase-in-ransomware-attacks-in-three-years-driven-by-new-technology-302572278.html