Attackers are increasingly leveraging generative AI to streamline operations.
Ransomware attacks surged by 146% over the past year, with ten major ransomware groups collectively exfiltrating 238 terabytes of data – up from 123 TB the year before.
According to Zscaler’s 2025 ThreatLabz Ransomware Report, attackers are increasingly leveraging generative AI to streamline operations, prompting calls for organisations to adopt Zero Trust security frameworks to limit lateral movement and prevent data loss.
Industries hit hardest include manufacturing, technology, and healthcare, which together experienced more than 2,600 incidents. The oil and gas sector saw a dramatic 900% spike in attacks, driven by expanding digital infrastructure and persistent security gaps.
The U.S. remains the top target, accounting for half of all global ransomware incidents—more than double the combined total across the next 14 most-targeted countries.
“Ransomware tactics continue to evolve, with the growing shift toward extortion over encryption as a clear example,” said Deepen Desai, EVP of cybersecurity at Zscaler. “GenAI is also increasingly becoming part of the ransomware threat actor’s playbook, enabling more targeted and efficient attacks. As threats advance, security measures must keep pace.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show.
Outside work, Dan supports Tottenham Hotspur, manages mischievous cats, and samples the finest craft beers.
