Ransomware continues to be the primary threat to large and medium-sized businesses, with cybercriminals increasingly using artificial intelligence (AI) to automate attacks, according to the Acronis Cyberthreats Report H1 2025. The report, released by Singapore-founded Acronis, a leader in cybersecurity and data protection, highlights a 70% rise in ransomware victims compared to previous years, with AI playing a significant role in the surge.
The report, based on data from over 1,000,000 unique endpoints worldwide, reveals that phishing accounted for 25% of all attacks and 52% of those targeting managed service providers (MSPs), marking a 22% increase from H1 2024. Gerald Beuchelt, Chief Information Security Officer at Acronis, noted, “Even the least sophisticated attackers today have access to advanced AI capabilities, generating social engineering attacks and automating their activities with minimal effort.”
Key findings indicate that ransomware groups such as Cl0p, Akira, and Qlin are the most active, with AI significantly boosting social engineering and business email compromise (BEC) attacks. Social engineering and BEC attacks rose from 20% to 25.6% in early 2025 compared to the same period in 2024, driven by AI’s ability to craft convincing impersonations.
Manufacturers were the most targeted industry, accounting for 15% of ransomware cases in Q1 2025, followed by retail, food and drink (12%), and telecommunications and media (10%). The report underscores the need for a comprehensive cyber protection strategy to combat these evolving threats.
“`
