Ransomware intrusions involving data encryption dropped from 70% in 2024 to 50% in 2025, as the prevalence of extortion-only attacks increased twofold to 6% this year, Cybersecurity Dive reports.
Organizations with over 3,000 employees were impacted by most of the attacks involving data encryption, while those with up to 250 employees had increased odds of experiencing data extortion incidents, according to a Sophos report. Moreover, average ransom demands and payments to decline by 34% and 50% year-over-year, respectively, while more than half of IT and cybersecurity leaders reported paying less than attackers' demands. Additional findings revealed elevated anxiety about succeeding attacks among 41% of respondents whose organizations had been hit by ransomware. "This is not unexpected, but it's often not accounted for in incident response plans. Organizations should be thinking about how they are going to help incident responders deal with the stress of recovering from an attack," said Recorded Future threat intelligence analyst Allan Liska.
Organizations with over 3,000 employees were impacted by most of the attacks involving data encryption, while those with up to 250 employees had increased odds of experiencing data extortion incidents, according to a Sophos report. Moreover, average ransom demands and payments to decline by 34% and 50% year-over-year, respectively, while more than half of IT and cybersecurity leaders reported paying less than attackers' demands. Additional findings revealed elevated anxiety about succeeding attacks among 41% of respondents whose organizations had been hit by ransomware. "This is not unexpected, but it's often not accounted for in incident response plans. Organizations should be thinking about how they are going to help incident responders deal with the stress of recovering from an attack," said Recorded Future threat intelligence analyst Allan Liska.
