The rising trend of businesses paying ransoms to cybercriminals has reached a concerning 24.3 percent in 2025, reflecting a notable increase from 14.4 percent in the previous year, according to a study by cybersecurity firm S-RM and advisory group FGS Global. This surge follows two years of declining ransom payments, highlighting a shift in the cybersecurity landscape.
Ransom payments in 2025 varied significantly, with amounts ranging from $10,000 to over $1 million, and the average payment recorded at $296,000. Industrial and manufacturing sectors were particularly affected, reporting the highest ransom demands. High-profile incidents included a global factory shutdown for automotive company Jaguar Land Rover after an IT breach, along with attacks on Marks & Spencer and Co-op, although the latter two have not disclosed if ransoms were paid.
Experts attribute this increase to the use of artificial intelligence by attackers, resulting in more targeted and sophisticated cyberattacks. Jamie Smith from S-RM noted that criminals are leveraging AI to locate sensitive information, crafting threats that are specifically designed to induce fear in victims. Jenny Davey from FGS highlighted the dual nature of AI as a tool for efficiency and a potential risk, indicating a significant challenge for businesses seeking to balance operational advancements with cybersecurity measures.