State of ransomware in 2025 securelist.com/state-of-…

With the International Anti-Ransomware Day just around the corner on May 12, Kaspersky explores the ever-changing ransomware threat landscape and its implications for cybersecurity. According to Kaspersky Security Network data, the number of ransomware detections decreased by 18% from 2023 to 2024 – from 5,715,892 to 4,668,229. At the same time, the share of users affected by ransomware attacks increased by 0.02 p.p. to 0.44%. This smaller percentage compared to other cyberthreats is explained by the fact that attackers often don’t distribute this type of malware on a mass scale, but prioritize high-value targets, which reduces the overall number of incidents.

That said, if we look at incidents at organizations requiring immediate incident response services that were mitigated by Kaspersky’s Global Emergency Response Team (GERT), we’ll see that 41.6% of them were related to ransomware in 2024, compared to 33.3% in 2023. Targeted ransomware is likely to remain the primary threat to organizations around the world for the foreseeable future.