Hornetsecurity report warns of AI-driven threats as attacks rise and insurance coverage drops
Ransomware attacks are back on the rise, reversing a three-year downward trend, according to Hornetsecurity’s newly released Ransomware Impact Report. The cybersecurity firm found that 24% of organisations were hit by ransomware in 2025—up sharply from 18.6% the previous year.
The uptick is driven by increasingly sophisticated tactics, including AI-powered phishing and credential theft. While traditional phishing remains the top entry point in 46% of cases, compromised endpoints (26%) and stolen credentials (25%) are gaining ground.
Despite the growing threat, fewer organisations are investing in ransomware insurance. Only 46% reported having coverage, down from 54.6% in 2024. Hornetsecurity CEO Daniel Hofmann called the trend “concerning,” noting that insurance is becoming harder to procure even as attacks intensify.
“2025 marks a critical turning point for organisations to strengthen their security against faster, smarter, and AI-automated ransomware attacks.”
—Daniel Hofmann, CEO, Hornetsecurity
“Hackers continue to diversify their methods,” Hofmann said. “Organisations must increase their security provisions if they are to succeed against these nefarious actors.”
The report highlights a disconnect between awareness and action. While 74% of organisations offer end-user training, 42% of security leaders admit their programs are ineffective—often reduced to superficial “tick-box” compliance. This false sense of preparedness leaves businesses vulnerable to social engineering and AI-generated phishing, which 77% of CISOs now identify as a real and emerging threat.
Still, there are signs of progress. Only 13% of victims paid a ransom, down from 16.3% in 2024. Disaster recovery planning is now standard practice for 82% of organisations, and 62% use immutable backups to protect critical data.
Hornetsecurity’s findings echo broader industry concerns about the human factor in cybersecurity. With 66% of CISOs citing human error as the leading cause of incidents, Hofmann urged companies to adopt AI-powered awareness training and next-gen email security to stay ahead of evolving threats.
For more information, visit www.hornetsecurity.com.