Ransomware is already one of the biggest challenges for governments, companies and citizens. It is not isolated incidents or attacks aimed only to large corporations: the phenomenon has even reached the AA.PP, hospitals, universities and small companies. According to the latest annual Ransomware 2025 report by ZScaler, Spain has experienced alarming growth. In just twelve months, incidents have gone from 62 in 2024 to 134 in 2025, which represents an increase of more than 116%. Our country already represents 2% of global attacks, standing in the world top 15.

A proposal from the United Kingdom

While cybercounts perfect their tactics and take advantage of more and more tools based on artificial intelligence to automate campaigns, some governments have begun to react. The United Kingdom has put on the table a measure that could change the rules of the game: prohibit the payment of bailouts by public entities and critical infrastructure operators.

The objective is evident: hitting the economic model that sustains ransomware bands. By preventing attackers from receiving funds from strategic institutions, it seeks to reduce the profitability of this illicit business and stop the most harmful attacks.

“Rescue payments perpetuate the attacks. United Kingdom seeks to break that cycle by the profitability of ransomware attacks and reducing the risk that their most critical organizations are victims of them. As we saw with the dismantling of the Lockbit Ransomware Net Cybernetics in Zscaler.

The objective is evident: hit the economic model that supports ransomware bands

A new European model against ransomware

The British proposal includes measures that could be extended soon to other European countries. Among them stand out:

The prohibition of payments in the public sector and in critical infrastructure, so that taxpayers’ money does not end in the hands of criminals.
The obligation to notify payments in the private sector, which would allow the authorities to monitor possible breaches of sanctions and offer technical alternatives.
The creation of a broader report regime, in order to obtain greater transparency and improve the response capacity against ransomware.

Sloan warns that the success of these measures depends on international cooperation: “If European governments collaborate and adopt a approach similar to the proposed, the multiplier effect will decide even more to the attackers and make the continent more secure. The alternative, continue paying bailouts and suffering interruptions, is simply not sustainable.”

Artificial Intelligence: A double -edged sword

The report also highlights the role of artificial intelligence in the evolution of ransomware. On the one hand, criminal groups are using it to automate phishing campaigns, improve the propagation speed and create more sophisticated malware. On the other, the organizations themselves can rely on AI to reinforce their defenses and detect anomalies more quickly.

Here the paradox arises: the same technology that allows us to accelerate digital innovation is also feeding a new generation of attacks increasingly difficult to detect. This scenario forces governments and companies to rethink their cybersecurity strategy.

Resilience as the only way out

Experts agree that there are no magical formulas or infallible shields. What can be built is resilience, that is, the ability to resist, respond and recover after an attack. In this sense, Zero Trust -based architectures gain prominence, since they minimize the exposure surface and force to continuously verify identity and access to critical resources.

As Sloan emphasizes, “before this scenario of constantly evolving threats, enhanced by artificial intelligence -based attacks, it is more important than ever that companies apply a solid and proactive resilience strategy, based on a Zero Trust architecture.”

Spain, between vulnerability and opportunity

The remarkable growth of ransomware attacks in Spain is an alert signal for business fabric and public institutions. But it is also an opportunity to promote regulatory changes, accelerate the adoption of more advanced security frameworks and promote international cooperation.

Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.