AI Accelerates Human-Led Ransomware Attacks

- Generative AI tools are used to create highly convincing phishing emails, develop polymorphic malware that changes its code to evade detection, and write malicious code faster. - The financial impact of cybercrime is projected to reach $8.25 trillion annually by 2025. The average cost to recover from a ransomware attack, excluding the ransom itself, was $2.73 million in 2024. - Ransomware attacks are growing in volume, with a 45% increase in incidents recorded on the dark web in 2025 compared to the previous year. This is partly driven by a Ransomware-as-a-Service (RaaS) model, which allows less skilled criminals to rent the necessary tools. - Attackers are increasingly using double and triple extortion tactics; in the second quarter of 2025, 74% of campaigns involved stealing data before encrypting it, with threats to leak the information publicly. - The number of vulnerabilities associated with ransomware grew to 382 in 2023, with the MOVEit Transfer vulnerability (CVE-2023-34362) being used to compromise more than 1,000 organizations. - For cybersecurity professionals, AI is seen as a tool that improves job efficiency, with 82% of professionals agreeing on this point. It is shifting human roles toward more strategic work like threat analysis and systems architecture. - Paying the ransom is often ineffective; nearly 80% of organizations that paid the ransom were targeted a second time, and only 47% of those who paid received their data back uncorrupted. - Critical infrastructure sectors are primary targets, with healthcare being heavily affected. By mid-2025, 54% of all healthcare organizations had reported being hit by ransomware attacks.