Ransomware attacks rise again as insurance uptake drops in 2025
New data shows ransomware attacks have increased among businesses for the first time in three years.
The Hornetsecurity Ransomware Impact Report found that 24% of businesses reported being victims of a ransomware attack in 2025, jumping from 18.6% in 2024 and ending a period of decline in such incidents.
This increase in attacks comes as cybercriminals employ a broader set of tactics and exploit new technologies to breach organisational defences. The study highlighted that, while traditional phishing remains the primary approach in 46% of incidents, there is an increasing use of compromised endpoints (26%) and stolen credentials (25%) among attackers seeking initial access.
Insurance uptake drops
Despite the resurgence of ransomware activity, the report notes a decline in businesses taking out ransomware insurance. Fewer than half of surveyed organisations (46%) reported being insured, a decrease from 54.6% in 2024.
Daniel Hofmann, Chief Executive Officer of Hornetsecurity, commented, "Following a multi-year decline in ransomware attacks, 2025 marks a critical turning point for organisations to strengthen their security against faster, smarter, and AI-automated ransomware attacks."
He continued, "It is concerning to see a reduction in businesses investing in ransomware insurance while attacks are on the rise. It's worth noting, however, that it has become more difficult than ever for businesses to procure insurance for these situations. While hackers continue to use a wider variety of tactics, it's clear that organisations must increase their security provisions if they are to succeed against these nefarious actors."
"For example, next-gen email security solutions are effective in keeping threats from reaching inboxes, while security awareness solutions help end-users spot more advanced threats like social engineering. Pair those with immutable backup storage and you have an effective strategy for guarding critical data against ransomware. These tools are effective whether the business is insured for ransomware or not," said Hofmann.
AI-powered attacks
The report also shows how organisations are responding to threats driven by artificial intelligence. Phishing attacks overall declined (down to 46% in 2025 from 52.3% in 2024), but 77% of Chief Information Security Officers flagged the rise of AI-assisted phishing as a significant and emerging risk.
On response and resilience, the proportion of organisations paying ransomware demands fell to 13% in 2025 from 16.3% a year prior. Enhanced readiness is reflected in other findings: 82% of businesses have a Disaster Recovery Plan, and 62% use immutable backups to insulate critical data from ransomware threats.
Cybersecurity training gaps
Despite increased ransomware preparedness, many businesses struggle with effective employee training. While 74% of organisations provide end-user training around ransomware, 42% of security leaders acknowledged that these programmes are insufficient or ineffective. The report highlights the issue of "false compliance", particularly among small and mid-sized businesses, where basic awareness training meets compliance requirements but does not necessarily lead to effective risk mitigation.
This lack of depth can lead to continued human errors, especially against more sophisticated methods like social engineering or AI-driven phishing, a finding echoed in parallel research from Proofpoint. According to the report, 66% of CISOs identified human error as the dominant cause of incidents, notably through internal compromise and data leaks.
"To be effective, cybersecurity awareness training must be ongoing, relevant, and tailored to each individual, which is only realistically possible if it is automated by a next-gen, AI-powered solution such as our Security Awareness Service," added Hofmann, underlining a need for more adaptive and persistent training efforts.
Defence expectations
Hofmann concluded, "While it is heartening to see a decrease in ransom payments, there can be no room for complacency. The new standard for businesses in fighting against ransomware is to deploy a comprehensive cyber-defence which not only protects against initial breaches, but also acts to prevent future threats, and ensures resilient systems capable of swift recovery if incidents do occur."
The findings are based on a global quantitative survey conducted by Hornetsecurity with 386 IT professionals in August 2025.