SCATTERED SPIDER moved from initial access to encryption by deploying ransomware in under 24 hours in one observed case

The United States accounted for over half of all ransomware victims in H1 2025.

The U.S. was the top ransomware target, accounting for 53% of all ransomware incidents, in H1 2025.

US-based companies experienced physical threats in 46% of ransomware attacks.

In Singapore, the extortion threat in ransomware attacks surged to 66%, a jump of 40% and the highest among the surveyed countries.

In the US, 47% of companies paid ransoms multiple times.

38% of companies that paid ransoms did so multiple times.

69% of companies victimized by ransomware paid a ransom.

The second biggest cybersecurity challenge facing organizations is attacks against organizations' identity infrastructure, most commonly Active Directory (32%).

44% of German firms experienced physical forms of intimidation in ransomware attacks.

11% of companies paid ransoms three times or more.

Nearly 20% of companies that paid a ransom either received corrupt decryption keys or the hackers still published stolen data

The top cybersecurity challenge facing organizations is the sophistication of attacks (37%).

Ransomware has risen by 179% since the start of 2025.

In 40% of ransomware attacks, threat actors threatened to physically harm executives at organizations that declined to pay a ransom demand.

50% of respondents cited cybersecurity threats as the top threat to business resilience.

In Singapore, 50% of companies paid ransoms multiple times.

In the US, the rate of regulatory blackmail threats (hackers threatening to file regulatory complaints against victims if they didn't report the ransomware incident) jumped to 58%, representing a 23% increase.

47% of attacked companies across various countries (US, UK, France, Germany, Spain, Italy, Singapore, Canada, Australia, New Zealand) reported that hackers threatened to file regulatory complaints against them if they didn't report the ransomware incident.

In real-world situations within the private sector, if a ransom payment ban were to take hold, 15% of UK business leaders said they would be neither likely nor unlikely to comply with such a ban.