
It will be no surprise to those following the news that ransomware attacks have continued to surge over the past year, despite fewer victims paying, with a growing number of adversaries tapping a vast cyber underground, trading in the latest hacking tools and upskilling their campaigns.
Fresh research from identity security platform Delinea shows that firms are falling victim to these attackers due to persistent critical security gaps, with the result that a staggering 69% of global organisations have been hit by ransomware – 27% more than once.
Delinea’s 2025 State of Ransomware Report reveals that despite 90% of executives expressing concern over ransomware threats, security is too often falling short.
For example, just 57% have implemented application control measures, while only 30% of UK businesses have adopted the principle of least privilege.
Considered best practice, the principle of least privilege grants users and machines only those permissions essential for completing their tasks, and no more. That means users can’t install insecure applications, while access for risky third-party suppliers is limited, and lateral movement paths used by cyber-attackers can be blocked.
On a brighter note, however, Delinea also found that organisations are stepping up their basic cyber hygiene.
More than three-quarters (78%) now perform regular updates, 73% maintain backups of critical files, while 69% use password best practices, rising from just 48% in 2023.
Defenders are also increasingly relying on AI to detect and respond to threats faster, with 90% of organisations now using the tech in their ransomware defence strategies, primarily within Security Operations Centres (64%), for analysing indicators of compromise (62%), and to prevent phishing (51%).
The problem is, cyber-criminals are getting smarter about using AI, too, leaning on it to automate phishing scams, create deepfake videos to impersonate trusted people, and launch faster, more sophisticated attacks, making it harder for current anti-ransomware tactics to keep up.
And when a cyber-attack lands, the fallout can be serious.
According to Delinea, 75% of companies hit by ransomware take up to two weeks to recover, while previous research from security firm Illumio paints an even starker picture, with 58% of affected firms having to stop operations entirely, and 40% reporting lost revenue as a result.
“Ransomware has evolved into a shape-shifting, AI-enabled threat that no business can afford to underestimate,” said Art Gilliland, CEO at Delinea.
“In order to combat the sophistication of today’s attacks, organisations must fight AI with AI and embrace proactive, identity security strategies like zero trust architecture, privileged access management, and continuous credential monitoring to stay ahead.”