A new report from Delinea, a provider of identity security solutions, has found that 69% of organisations worldwide fell victim to ransomware attacks over the past year, with 27% experiencing multiple incidents.

The 2025 State of Ransomware Report, based on insights from over 1,000 IT and security leaders, highlights an evolving threat landscape driven by AI-powered attacks and stolen credentials.
While only 57% of organisations paid ransoms, down from 76% in 2024, attackers are increasingly turning to extortion tactics, with 85% of ransomware victims threatened with data exposure.
Art Gilliland, CEO at Delinea, stated: “Ransomware has evolved into a shape-shifting, AI-enabled threat that no business can afford to underestimate.
"In order to combat the sophistication of today's attacks, organisations must fight AI with AI and embrace proactive, identity security strategies like zero trust architecture, Privileged Access Management, and continuous credential monitoring to stay ahead.” Art Gilliland
The report highlights the double-edged sword of AI, with threat actors using it to automate phishing campaigns and impersonate individuals, while defenders are leveraging AI for faster threat detection and response.
Ninety per cent of organisations are now using AI in their ransomware defence strategies, particularly within Security Operations Centres (64%), for analysing Indicators of Compromise (62%), and to prevent phishing (51%).
Despite this, many organisations are falling short in essential security practices, with only 34% enforcing least privilege access controls and 57% implementing application control measures. Recovery times remain lengthy, with 75% of victims taking up to two weeks to fully restore operations.