Despite improved defensive measures, 69% of organizations are still affected by ransomware attacks.
This is according to new research from Veeam. Ransomware attacks are becoming increasingly sophisticated and widespread, posing significant challenges for organizations worldwide. The recent Veeam report, “From Risk to Resilience: Veeam 2025 Ransomware Trends and Proactive Strategies Report,” shows that the percentage of companies affected by ransomware attacks has fallen slightly from 75% to 69%. However, the threat remains substantial.
The slight decline can be attributed to improved preparation and resilience practices and closer collaboration between IT and security teams. Nevertheless, recovery results after attacks are alarming: only 10 percent of affected organizations were able to recover over 90 percent of their data, while 57 percent recovered less than half of their data.
Changing tactics of attackers
Veeam’s research identifies several key trends for 2025. For example, threat actors adapt their tactics due to increasing pressure from law enforcement agencies. Coordinated actions against large ransomware groups such as LockBit and BlackCat have led to increased activity from smaller groups and independent attackers.
A worrying development is the increase in attacks aimed at data exfiltration. In these attacks, cybercriminals do not encrypt data, but focus on stealing sensitive information such as personal data, financial records, or intellectual property. Organizations with weak security measures are particularly vulnerable, as attackers exploit vulnerabilities within hours.
A positive development is the decline in ransomware payments. According to the report, 36% of affected organizations chose not to pay the ransom. Of those who did pay, 82% paid less than the initial ransom and 60% paid less than half that amount.
Tip: Veeam revamps backup infrastructure with software appliance