In 2024, the percentage of ransomware victims who paid a ransom increased markedly to 16.3%, more than double the previous year’s 6.9%, according to a recent study by Hornetsecurity. Data loss also skyrocketed, rising from 17.2% in 2023 to 30.2% in 2024. Additionally, 5% of organizations reported a complete loss of the affected data.

These trends coincide with a decline in data recovery rates, which have fallen to a new low. And the growing sophistication of cyberattacks has reduced the data recovery rate of companies affected by ransomware from 87.4% in 2021 to 66.3% in 2024.

“Generative AI is changing the rules of the ransomware game, making attacks smarter and organizations understandably more nervous. It is promising to see more and more companies taking out ransomware insurance, but awareness is not enough,” says Daniel Hofmann, CEO of Hornetsecurity.

Ransomware and data loss

The study also revealed that email and phishing attacks remain the most common attack vectors for ransomware, responsible for 52.3% of attacks. Although the volume of attacks has decreased slightly, from 21.1% in 2021 to 18.6% in 2024, the severity of these attacks has increased.

Daniel Hofmann highlights the need for constant vigilance in the face of the evolving threat landscape. Data indicates that although fewer attacks are reported, the results are much more damaging, with potentially devastating consequences for affected organizations.

Generative AI: a double-edged sword

Generative AI has increased concerns about these types of cyberattacks, with 66.9% of respondents indicating greater concern. Although 89.4% of companies recognize the risks, only 56.3% of leaders are actively involved in prevention strategies.

Similarly, 84.1% of respondents consider ransomware protection an IT priority, and 87% have established disaster recovery plans. However, some organizations do not adequately prioritize this threat.

Well, although 95.8% value cybersecurity training, there are concerns about time and cost. The majority of ransomware attacks come from emails and phishing, underscoring the need for ongoing and up-to-date training.

Trends in awareness and insurance

Awareness of the impact of ransomware on Microsoft 365 data has improved significantly, with only 9.8% of respondents now unsure of its vulnerability, up from 25.3% in 2022. In addition to this, the Ransomware insurance adoption has increased markedly, with 54.6% of organizations purchasing coverage in 2024, up from 37.9% in 2022.