According to the 2025 State of Ransomware Survey from CrowdStrike, 76 per cent of global organisations struggle to match the speed and sophistication of artificial intelligence (AI)-powered attacks. With 89 per cent viewing AI-powered protection as essential to closing the gap, the findings make clear that the future of stopping breaches will be decided by who holds the AI advantage, adversaries or defenders.
Key findings from the 2025 state of ransomware survey:
- Legacy defenses fall behind:48 per cent of organisations cite AI-automated attack chains as today’s greatest ransomware threat, while 85 per cent report traditional detection is becoming obsolete against AI-enhanced attacks.
- Speed defines the security outcome:Nearly 50 per cent of organisations fear that they can’t detect or respond as fast as AI-driven attacks can execute, with fewer than a quarter recovering within 24 hours and nearly 25 per cent suffering significant disruption or data loss.
- Social engineering evolves with AI:Phishing remains a leading attack vector, with 87 per cent saying AI makes lures more convincing and deepfakes emerging as a major driver of future ransomware attacks.
- Paying ransom fuels repeat attacks:83 per cent of organisations that paid a ransom were attacked again and 93 per cent had data stolen anyway.
- The leadership disconnect:76 per cent report a disconnect between leadership’s perceived ransomware readiness and actual preparedness, underscoring the urgent need for board-level buy-in to modernise defenses.
Commenting on the report, Elia Zaitsev, chief technology officer, CrowdStrike, said, “From malware development to social engineering, adversaries are weaponising AI to accelerate every stage of attacks, collapsing the defender’s window of response. The 2025 State of Ransomware Survey reinforces that legacy defenses cannot match the speed or sophistication of AI-driven attacks. Time is the currency of modern cyber defense – and in today’s AI-driven threat landscape, every second counts.”
