trending
Ransomware is staging a comeback. After several years of decline, attacks surged again in 2025, affecting nearly a quarter of businesses worldwide, according to new research from cybersecurity provider Hornetsecurity.
The findings carry stark warnings for the payments industry, where operational disruption, data compromise and reputational damage can be devastating.
Report Findings
The report found that 24 per cent of organisations experienced a ransomware incident this year, up from 18.6 per cent in 2024.
The sharp reversal reflects the increasing sophistication of cybercriminals, who are deploying artificial intelligence to bypass traditional defences.
Phishing remains the most common attack vector, accounting for 46 per cent of cases, but threats are evolving: compromised endpoints (26 per cent) and stolen credentials (25 per cent) are now frequent entry points.
Implications for Payments
For payment processors, merchants and financial institutions, the implications are severe.
Service interruptions can paralyse transaction flows, while compromised data may expose millions of consumers to fraud. Yet despite the escalating threat, the number of organisations with ransomware insurance has fallen.
Fewer than half (46 per cent) are insured, down from more than 54 per cent last year—a reflection of rising premiums and tougher underwriting.
AI is transforming the threat landscape.
Over three-quarters (77 per cent) of Chief Information Security Officers surveyed said they consider AI-powered phishing an imminent danger.
While the overall proportion of phishing attacks fell slightly, the quality and realism of messages created using AI models make them harder for employees to spot.
The risk is compounded by persistent human error: two-thirds of CISOs cited insider mistakes as the primary driver of incidents, underlining the need for deeper cultural change.
Progress Being Made
Some progress is evident. The share of victims paying ransoms has fallen to 13 per cent, down from 16.3 per cent a year ago, thanks to better preparation.
More than four-fifths of organisations now have a disaster recovery plan, and 62 per cent employ immutable backup storage, allowing them to restore systems without caving in to extortion.
However, training remains a weak spot.
While nearly three-quarters of businesses offer awareness programmes, 42 per cent of security leaders admit these remain superficial or ineffective.
“Tick-box” compliance, particularly among small and mid-sized firms, risks creating a false sense of resilience.
For the payments industry, the lesson is clear: cybersecurity defences must evolve as quickly as the threats themselves.
Deploying advanced email security, investing in AI-driven awareness tools, and hardening infrastructure against breaches are no longer optional—they are business-critical.
In a landscape where a single ransomware incident can halt global transaction flows, preparedness is not a cost centre but a competitive necessity.
Comments