The proportion of businesses paying ransoms to hackers surged to 24.3 percent in 2025, a significant increase from 14.4 percent in 2024, according to a study by cybersecurity firm S-RM and advisory group FGS Global. This notable rise follows two years of declining payments, reflecting heightened concerns among cybersecurity experts about a possible trend reversal. The data reveals a marked escalation in ransom payments, which ranged from $10,000 to over $1 million, with the average payment reaching $296,000.
The study attributes this alarming increase to criminals employing artificial intelligence to execute more sophisticated and personalized cyberattacks. Despite a drop from the 27.6 percent seen in 2022, the jump in 2025 has raised red flags within the cybersecurity community, emphasizing the ongoing risk to businesses across sectors.
Industrial and manufacturing companies bore the brunt of these attacks, with the sector reporting the highest ransom payments. The report indicates that operational disruptions caused by ransomware incidents have driven this trend, as companies prioritize restoring functionality over potential reputational damage. High-profile victims in 2025 included automotive giant Jaguar Land Rover, which faced a month-long shutdown of factories worldwide following an IT systems breach. Other notable targets included Marks & Spencer and Co-op, though none have confirmed whether they paid ransoms.
Jamie Smith, head of cybersecurity at S-RM, highlighted the increasingly targeted nature of these attacks, stating that attackers are now using AI to identify “the most sensitive information that could cause maximum damage.” He noted that threats are becoming more specific and personalized, designed to incite fear and compel victims to comply with ransom demands.
Jenny Davey, co-head of crisis management at FGS, described AI as a “double-edged sword” for businesses. “While AI can drive efficiency and performance across the business, it can also open up new attack vectors for cybercriminals to exploit,” she warned. This duality presents a significant challenge for companies striving to leverage AI for operational benefits while safeguarding against its potential misuse.
The findings of the study shed light on a sensitive subject that many businesses tend to avoid discussing publicly, as there is a prevalent fear that acknowledging ransom payments could make them more appealing targets for future attacks. The report refrains from identifying specific companies that have paid ransoms but underscores a growing trend in which criminals customize their attacks to maximize financial and reputational damage.
As organizations struggle with the implications of these developments, the cybersecurity landscape continues to evolve. The rising trend of ransom payments reflects not only the increasing sophistication of cybercriminals but also the challenges faced by businesses in navigating the complexities posed by AI. Looking ahead, companies must not only bolster their defenses against potential attacks but also develop strategies to mitigate the risks associated with paying ransoms, as this may inadvertently fuel an ongoing cycle of threats.
See also
CrowdStrike Surges with 120% ARR Growth, Outpacing Palo Alto’s Platform Strategy
Microsoft Reports North Korean Threat Actors Use AI to Enhance Cyberattack Tactics
Top 10 AI Security Companies of 2026: Key Innovations and Industry Insights
Stryker Faces Cyberattack by Handala Team, Impacting 5,000 Employees and Supply Chains
SentinelPro AI Launches Advanced Cybersecurity Platform for SMBs and Enterprises
