BY Richard Summerfield
According to a new report from S-RM and FGS Global on cyber incidents, ransomware remains the biggest threat to organisations, but the widespread implementation of artificial intelligence (AI) by businesses is creating new opportunities for cyber criminals.
The report, which draws on data from over 800 incidents recording over 2025, notes that the cyber threat landscape is changing, and companies must respond accordingly.
The adoption of AI agents and automated workflows is helping to create new categories of non-human identities that can inadvertently amplify the impact of a cyber attack. Furthermore, cyber criminals are employing AI to create personalised attacks, and to identify, exploit and damage secret corporate information.
The report also notes that the number of businesses paying ransoms has increased for the first time in two years, with industrials and manufacturing companies paying more often, likely due to the operational disruption caused by these attacks.
According to the report, 24 percent of ransomware victims ended up paying out in 2025, up from 14 percent in 2024. The US continues to be at most risk of cyber attacks, with 60 percent of incidents involving US-based organisations. Asia-Pacific also recorded an increase in attacks. Over 760 organisations across the Asia-Pacific region were named on ransomware leak sites, a 59 percent increase on the previous year. The UK saw a 5 percent increase in cyber victims from 2024 to 2025.
In 2025, organisations encountered 67 different threat actors, an increase of 16 percent from the previous year. The average ransom paid was $296,000, with $1.9m the highest recorded payment cited in the report.
“We are moving into uncharted territory where the speed and sophistication of cyber attacks are out maneuvering traditional defenses,” said Jamie Smith, global managing director, cyber security at S-RM. “What once took weeks now takes days, and what took days, now takes hours. Attackers are no longer just encrypting systems; they are using AI to find the most sensitive information that could cause maximum damage to an organization and using this as leverage. The result is more targeted extortion that goes beyond generic threats of data publication. Threats are becoming specific and more personalized, designed to maximize the victim’s fear and willingness to pay.
“As more companies embed AI agents in their workflows, the risk rises exponentially,” he continued. “AI agents should be treated as untrusted identities, with least-privilege access to systems, continuous monitoring and explicit segmentation from sensitive systems or AI adoption risks creating privileged, opaque intermediaries that threat actors can manipulate for maximum harm.”
“Ransomware incidents are highly feared by Boards and leadership teams, and for good reason,” said Jenny Davey, global co-head of the crisis & issues management practice at FGS Global. “As recent high-profile attacks have shown, they can have crippling consequences on a business’s operations, financial situation and reputation – and the knock-on effects can be significant and far-reaching.
“As Boards consider the implementation of AI agents and automated workflows across their business, they must be mindful that it can be a double-edged sword: while AI can drive efficiency and performance across the business, it can also open up new attack vectors for cybercriminals to exploit and therefore present new reputational risks.
“Boards must also remain mindful of how AI is enabling cybercriminals to be more sophisticated in communications and engagement with victim organizations, and how it is driving and sharpening threats that are cyber-adjacent, such as deepfakes, synthetic media and misinformation campaigns. These can be particularly reputationally damaging if not handled swiftly and with care,” she added.