An increasing number of companies are paying ransoms to cybercriminals following ransomware attacks, as hackers deploy more advanced tactics powered by artificial intelligence.
A recent study by cybersecurity firm S-RM and advisory group FGS Global found that 24.3% of companies hit by cyberattacks paid ransom demands in 2025, a sharp rise from 14.4% in 2024 and 16.4% in 2023.
Despite the increase, the rate remains below the 27.6% peak recorded in 2022, the report noted.
FCRF Launches Flagship Certified Fraud Investigator (CFI) Program
AI making cyberattacks more effective
Cybersecurity experts say hackers are increasingly using artificial intelligence to identify sensitive information and craft targeted threats.
Jamie Smith, head of cybersecurity at S-RM, said attackers are now using AI “to find the most sensitive information that could cause maximum damage.”
He added that “threats are becoming specific and more personalised, designed to maximise the victim’s fear and willingness to pay.”
This shift is making ransomware attacks more effective, particularly when criminals threaten to release confidential data or disrupt critical systems.
Industrial sector among hardest hit
The study found that industrial and manufacturing companies were more likely to pay ransoms, largely because ransomware attacks can halt operations and cause major financial losses.
Businesses in these sectors often face pressure to restore systems quickly, making ransom payments appear to be the fastest way to resume operations.
Cybersecurity analysts say attackers deliberately target organisations where operational disruption can cause immediate financial damage.
Major companies targeted by hackers
Several high-profile companies experienced cyberattacks in 2025, including Jaguar Land Rover, which had to shut down factories worldwide for nearly a month after an IT breach.
Retail giants Marks & Spencer and Co-op were also targeted in cyber incidents last year. None of the companies publicly confirmed paying ransom demands.
Experts note that many companies avoid acknowledging ransom payments because they fear it could encourage future attacks.
FutureCrime Summit 2026: Registrations to Open Soon for India’s Biggest Cybercrime Conference
Ransom demands vary widely
According to the report, ransom demands ranged from $10,000 to more than $1 million, with the average payment around $296,000.
While some organisations refuse to pay and rely on backups or recovery systems, others choose to pay in order to quickly regain access to critical data and operations.
Jenny Davey, co-head of crisis management at FGS Global, described artificial intelligence as a “double-edged sword” for businesses.
She said that while AI improves efficiency, it also creates new vulnerabilities that cybercriminals can exploit.
Growing cybersecurity challenge
Experts warn that ransomware attacks are becoming a major threat to companies worldwide, as criminals increasingly combine data theft, system disruption and psychological pressure to force victims into paying.
As cyber threats evolve, businesses are being urged to strengthen security systems, maintain secure backups and adopt stronger authentication measures to reduce the risk of costly ransomware attacks.
About the author – Rehan Khan is a law student and legal journalist with a keen interest in cybercrime, digital fraud, and emerging technology laws. He writes on the intersection of law, cybersecurity, and online safety, focusing on developments that impact individuals and institutions in India.
