REPORT

Ransomware Cyberattacks Analysis: 2025 Summary

We analyze the situation over the past year in terms of cybersecurity, reviewing the main ransomware campaigns that have affected private and public organizations.

RANSOMWARE ENG

DOWNLOAD REPORT
What will you find in this report?

Annual summary of ransomware cyberattacks

Ransomware overview and evolution 2024–2025

Between 2024 and 2025, ransomware increased by more than 100% in Spain (from 62 to 134 incidents) and reinforced double and triple extortion techniques globally.

Economic Impact and ransomware situation: global and Spain context

Ransomware ransom payments reached a median of up to 2 million USD in 2024, and in Spain attacks grew by more than 116%, consolidating it as one of the main threats.

Types and variants of ransomware attacks

Ransomware-as-a-Service (RaaS), Double and Triple Extortion, Virtualization Environment Ransomware, “No-Encryption” Ransomware

Most Targeted Sectors by Ransomware

Both globally and in Spain, including industrial sectors, healthcare, construction, and technology.

Outlook for 2026

In 2026, ransomware will become more automated and targeted, driven by AI and RaaS models, reinforcing double extortion and the need for robust backups and response strategies.

In 2026, ransomware will no longer be just an encryption-based attack but will evolve into a data-driven extortion threat, powered by AI and RaaS models, requiring true resilience, immutable backups, and a defense strategy focused on identity protection and early detection to contain its impact.

Subscribe to our newsletter and stay updated on the latest in technology and cybersecurity.
accio-10-negre (1)
pyme_innovadora_meic-SP_web
kit consulting cabecera