2025年勒索软件风险报告

“I do believe that we can make ransomware ashocking anomaly. And that is the world I wantto live in: a world where software vulnerabilitiesare so rare that they make the nightly news, but attack-related business disruptions continue Increased frequency and sophistication of attacks, identitysystem compromise, and legacy vulnerabilities top the list of JenEasterly FormerDirector of the Cybersecurity To build business resilience, organizations must balancecybersecurity efforts across people, processes, and technology A World Without Ransomware?We Aren’t There Yet. Business leaders are catching up with the business benefits “Paying ransoms shouldnever be the default option.While some circumstancesmight leave the company ina no-choice situation, weshould acknowledge that it’sa downpayment on the next The spread of generative AI, an increasing concern about agentic AI attacks, rising geopolitical tensions, global regulatory shifts … manynew developments have occurred since we released the2024 Ransomware Risk Report. Has the ransomware landscape shifted as a result? There’s good news in this year’s findings: Ransomware attack frequency and success saw modest decreases. But as former US NationalCyber Director and Semperis Strategic Advisor Chris Inglis told us, “Now is not the time for complacency. True regret isn’t not knowing whatyou should have done; it’s not having done what you knew was needed and had the means to do.” Organizations across the globe still see cyberattacks as the biggest threat to business resilience, and an increase in the frequency andsophistication of those attacks is their top cybersecurity concern. Fortunately, business leaders now seem to agree; lack of Board support for What can organizations do to prepare for the new generation of AI-driven attacks? Our panel of experts weighs in on steps you can taketoday to reduce ransomware threats that exploit legacy vulnerabilities and the identity infrastructure—organizations’ other two topcybersecurity concerns—while managing business resilience challenges, including regulatory compliance. We hope you find these tips For this report, we partnered with international research firm Censuswide, expanding the scope of our study to include10 countriesand8industry sectorsacrossNorth America, Europe, the United Kingdom, and Asia Pacific.The2025 Ransomware Risk Reportoffers a more We encourage you to share this information with your IT and security teams. Most important, share these findings with yourorganization’s business leadership—and build alignment around the actions your organization must take to ensure operational resilience MickeyBresmanSemperisCEO Key Findings Attack sophistication and legacy vulnerabilities threatencyber—and business—resilience. Adopting an assume breach mindset is still necessary. of respondents were targeted by ransomware within thepast 12 months. Of companies that were successfullyattacked,73% were attacked multiple times—31% of organizations citedcybersecurity threats as the topthreat to business resilience.Despite a drop this year inransomware attack frequency and success, increasedfrequency and sophistication of attacks were the topcybersecurity challenge for37%of respondents, followed 50% Ransom payment and business disruptions are of successful attacks resulted in ransom payment;55% paid multiple times.Ransom payments in the USincreased over last year, with81%of organizations payingup. In addition, victims experiencedjob and data lossesas Bad actors are finding new ways to force victims’ hands. of attacks leveragedthreats to file regulatory complaintsagainst the victims, while40%involvedphysical threats Identity infrastructure represents an area of Ransom payments do not guarantee recovery. of ransomware victims that paid eitherdid not receivedecryption keys or received corrupted keys.An additional3%received usable keys but discovered that the attackershad published or otherwiseillegally used their stolen data. of attacks compromised the identity infrastructure.Yet many organizationsstill lack AD recovery plansand CONTRIBUTING EXPERTS TABLE OFContents Jen EasterlyFormer Director of the Cybersecurity Chris InglisFormer US National Cyber Director Sanjay PoonenCohesity CEO Are WeGaining GroundAgainst Ransomware? Malcolm TurnbullFormer Australian Prime MinisterSemperis Strategic Advisor Getting Back to Business… Eventually Mickey BresmanSemperis CEO Identityat the Heart ofDefense— Sean DeubySemperis Principal Technologist Meeting the Moment:Where Do We Go from Here? Guido GrillenmeierSemperis Principal Technologist (EMEA) Courtney GussSemperis Director of Crisis Management Appendix:Ransomware Risk by Country and Industry Yossi RachmanSemperis Director of Security Research Jeff WichmanSemperis Director of Incident Response Are We Gaining GroundAgainst Ransomware? Are ransomware attacks really decreasing? “Improvements in procedures and tools that enable faster patching or tha