Report Reveals Shocking Details On Ransomware Attacks
The report shows that ransomware attacks are on a slight decline, but attacks are getting more aggressive.
A new report from Semperis takes a look at the current state of ransomware risk, and some of the revelations are shocking.
While ransomware is on a slight decline, ransomware gangs are getting more aggressive, including threatening business leaders with physical harm, according to the report.
Semperis, a cybersecurity firm that specializes in identity security, on Thursday released its “2025 Ransomware Risk Report: Essential Guidance for Building Operational Resilience Against Cyberattacks.”
The report is based on responses from over 1,500 IT and security professionals in 10 countries and across eight industries.
Forty percent of business executives have received threats of physical harm during ransomware attacks, according to the report.
“The report shows that bad actors are finding new ways to force victims’ hands, with 40% involved in physical threats against executives and staff. That was especially true for the energy (53%), IT/Telecoms (45%) and finance (41%) sectors. Unsurprisingly, business owners receive the brunt of the threats over half the time,” said former ransomware negotiator Jeff Wichman, in an emailed statement to MES Computing.
Wichman said that the report data showed that midmarket organizations received these kinds of threats 37 percent of the time.
“While we didn’t dive into specifics, based on my time as a negotiator, I’ve seen ransomware groups threaten physical safety and even reference personal details about executives’ families or homes. These are fear tactics that apply psychological pressure to extract payments quickly,” Wichman added.
The report included other key findings:
- 78 percent of those surveyed were targeted by ransomware within the past 12 months
- 73 percent of organizations attacked by ransomware were attacked multiple times
- 76 percent of organizations attacked by ransomware said they needed more than a day to return to normal operations
“The most important thing that you can do to prevent yourself from falling victim to a ransomware attack is … to prepare your business for disruption: to have backups in place, to ensure that your technology is as secure as possible, that you’ve implemented multi-factor authentication, that you’ve patched your internet-facing devices,” Jen Easterly, former director of the Cybersecurity and Infrastructure Security Agency (CISA), was quoted as saying in the report.
Semperis also offered a few tips for organizations to defend against ransomware:
- Prepare for changing attack tactics
- Protect the IAM (Identity and Access Management) infrastructure
- Document, train, and test response
- Evaluate third-party security
“Paying ransoms should never be the default option. While some circumstances might leave the company in a no-choice situation, we should acknowledge that it’s a downpayment on the next attack. Every dollar handed to ransomware gangs fuels their criminal economy, incentivizing them to strike again. The only real way to break the ransomware scourge is to invest in resilience, creating an option to not pay ransom,” Semperis CEO Mickey Bresman said in the report.