The first six months of 2025 has seen a worrying rise in the volume of cyberattacks and ransomware attacks globally, with organisations suffering 47% more weekly attacks than the first half of the previous year.
It has had a lot to do with the sophistication of cybercriminal operations, which are increasingly run as highly organized, almost franchised, businesses.
A 126% increase in reported ransomware attacks was observed for Q1 2025, concerning in particular, versus this time last year. Bad actors are capitalizing on a “ransomware-as-a-service” (RaaS) business model that makes ransomware attacks simple and profitable for attackers.
This commoditization of cybercrime “goods” means that even inexperienced attackers can buy pre-rigged exploits, or attac services to hijacked environments on underground forums and encypted messaging platforms.
Industries that depend on digital infrastructure, including education, government and telecommunications, have suffered disproportionately.
The education sector, for example, has been subjected to an average of more than 4,400 attacks a week. The increasing interconnectivity of digital systems, as well as their public exposure, renders these critical infrastructure industries targets for financially motivated cybercriminals and even nation-state actors.
The weaponization of AI by bad actors is one of the key causes of this concerning trend. AI is being used to produce more believable phishing emails, run ransomware campaigns, and manufacture deepfakes for advanced social engineering attacks.
“Because of that, you get criminals crafting really, really targeted, really, really personalized kind of attacks that just cut through that kind of stuff.”
The financial cost of these actions is devastating, and worldwide losses from cybercrime are estimated to grow to $13.82 trillion by 2028. Added to this, the cost of the downtime incurred by the organization should a data breach occur is liable to be costly, and further still comes the risk of reputational damage or legal liabilities due to data compromisation or failure to comply with data protection regulations.
Security professionals, meanwhile, are warning of an immediate requirement for extra vigilance, monitoring, and a move toward “zero-trust” environments. Companies were encouraged to spend on AI-based security tools, enable multi-factor authentication and emphasise the training and awareness of employees to address social engineering attempts.
Global collaboration and public-private partnerships are also considered to be essential in order to share the threat intelligence and create effective protections in this changing threat environment.
