Ransomware threats surge as phishing grows, damages may hit $275 billion

Techday NZ, 17 hours ago
KnowBe4 has highlighted the growing threat posed by ransomware, particularly through social engineering tactics, urging organisations to strengthen their human defences during Ransomware Awareness Month.
Recent research from KnowBe4 indicates a 57.7% increase in ransomware payloads delivered through phishing attacks between 1 November 2024 and 15 February 2025 when compared to the previous three months. This finding emphasises the significance of phishing as a primary method for ransomware to gain initial access to organisational systems.
The impact of ransomware on organisations remains severe, with global damages forecasted to reach USD $275 billion annually by 2031. Data from the 2025 Verizon Data Breach Investigations Report further reveals that ransomware was involved in 44% of all analysed breaches, a marked rise from 31% in the prior year.
Social engineering, and phishing specifically, has been increasingly exploited by cybercriminals to distribute ransomware. KnowBe4 notes that as these attack methods evolve, organisations must focus on mitigating the human risk inherent to their operations.
Five steps to reduce risk
To support efforts to minimise ransomware exposure, KnowBe4 has outlined five strategies for organisations to bolster their human layer of defence:
First, organisations are encouraged to tailor cybersecurity training by role. Providing timely, role-specific and personalised training helps address the unique threats and responsibilities of different departments, which can lead to a reduction in employee behaviours often targeted by ransomware attackers.
Second, running realistic phishing simulations is recommended. Regular simulations model current threat tactics, which can assist in building employees' critical thinking skills and foster instinctive resistance to phishing-based ransomware attacks.
Third, promoting a no-blame reporting culture is suggested. Encouraging employees to immediately report any suspicious emails or activities, regardless of whether they have made an error, enables more effective and quicker ransomware response and containment.
Fourth, maintaining a focus on ransomware awareness is essential. Organisations should run continuous awareness campaigns, utilising ongoing reminders, visuals, and regular communication, so that ransomware threats remain prominent and vigilance across the workforce is reinforced.
Finally, deploying advanced anti-phishing technology can complement human defences. Solutions powered by artificial intelligence and machine learning are increasingly able to identify and neutralise sophisticated phishing attacks, including those carrying zero-day ransomware payloads, often before they reach employee inboxes.
Social engineering and workforce vigilance
As ransomware attacks rise in prevalence and sophistication, KnowBe4 is calling attention to the important role social engineering plays in making organisations susceptible to compromise. "Ransomware remains one of the largest cyber threats an organization can face–and it all starts with social engineering," said Roger Grimes, Data-Driven Defence Evangelist at KnowBe4. "As reports continue to highlight the varied forms of phishing as the most prevalent access vector for ransomware-related attacks, organizations must prioritize reducing human risk first and foremost. This Ransomware Awareness Month, it is crucial for every organization to understand their strongest defense against ransomware is actually their workforce."
The escalation in both the volume and the impact of ransomware cases through 2025 points to the critical need for organisations to address human factors in their cybersecurity strategies. The combination of tailored training, realistic testing, supportive internal cultures, ongoing awareness campaigns, and advanced technical defences forms a comprehensive approach against social engineering-led ransomware attacks.

Related Articles

Bebop reaches USD $1.2 million ARR in 45 days with SME focus

Techday NZ, 2 days ago

Bebop, an AI-driven sales enablement product developed by Black Pearl Group, has recorded USD $1.2 million in annual recurring revenue (ARR) within 45 days of its market launch. The announcement highlights Bebop as being the fastest-growing product in the company's portfolio, reaching its ARR milestone at twice the speed set by Pearl Diver, another product from the same company that attained USD $10 million in ARR over 24 months. Access for SMEs According to Black Pearl Group, many small and medium-sized enterprises (SMEs) have traditionally found themselves excluded from access to high-quality sales intelligence due to the cost and scale of established platforms such as ZoomInfo, Clearbit, and Apollo. Bebop is intended to address this gap. The company reports that Bebop provides rapid access to highly targeted lists of verified decision-makers at millions of US-based companies, supported by personalised strategic dossiers. Nick Lissette, Chief Executive Officer, commented on the product's rapid uptake: "Bebop is like ChatGPT, but specifically built for sales and revenue growth. This is one of the fastest go-to-market trajectories we've seen across the SaaS and AI landscape, and customers have rapidly validated our value proposition. We hit it out of the park with Pearl Diver, so it's extremely exciting to see Bebop overtake its impressive early adoption. Bebop's traction validates our core thesis: that speed, usability, and value drive adoption. And our platform was built to scale these advantages, fast" Positioned on cost The company states that Bebop delivers sales intelligence tools similar in function to existing enterprise solutions but is priced to make such tools accessible to SMEs. This approach, Black Pearl Group claims, meets growing demand for AI-based and cost-effective sales applications tailored to SME needs. Lissette further said, "There's rising demand for AI-native, cost-effective sales tools that solve real SME challenges. 
With Bebop, we imagined unlocking unlimited revenue opportunities and cutting-edge business intelligence. Early customer feedback highlights Bebop's ability to 'save hours in research,' 'generate customers effortlessly,' and 'bring the power of AI to the everyday business owner'. That's real results; and a real threat to Silicon Valley sales giants." He contrasted Bebop's capability with earlier generations of business-to-business sales software, which he described as depending largely on SQL queries with interfaces optimised to simplify data retrieval. According to Lissette, Bebop's design provides a distinct experience by understanding both the offerings of a business and its relevant target market, ultimately helping to generate actionable insights for revenue generation. Lissette stated, "Bebop has intelligence at its core – genuinely understanding what a business provides and exactly who needs it. Our product delivers a fundamentally different experience that unlocks deep insights that fuel measurable revenue growth." Product development and outlook Bebop was built and brought to market within 90 days, which the company credits to its ongoing investment in its proprietary Pearl Engine software and underlying data infrastructure. The company suggests this effort illustrates its ongoing technology-driven approach to product development. Lissette added, "That conviction has been validated. The results show Bebop is not just viable – it's a force multiplier for BPG's revenue growth. It now stands alongside Pearl Diver as a key driver in our product portfolio, reinforcing our strategy of building scalable, high-impact tools for customer acquisition." He continued, "Bebop's rapid market-fit means our line of sight on USD $20 million ARR is even clearer. And this also will greatly contribute to our medium target of USD $50 million ARR." 
Karen Cargill, Interim Chief Financial Officer, remarked, "We have deliberately invested since our capital raise into platform development and talent acquisition. The vision and engine is working. Our investment and market timing have aligned. With two products both demonstrating scale and demand, we're well positioned for sustained growth."

Exclusive: AI drives new cyber threats & resilience strategies in APJ

Techday NZ, 2 days ago

There is both opportunity and risk, as artificial intelligence (AI) is adopted at enterprises across the region, according to Ben Young, Field CTO for APJ at Veeam. He also sees businesses are under pressure not only to adopt new technologies but also to shore up their defences as adversarial groups increasingly harness the same innovations for malicious purposes. "Every single vertical can benefit from some form of AI adoption," Young asserts. "But it's a double-edged sword. Just as we're trying to innovate, the threat groups-cyber adversaries-are leveraging AI as well." He points to the growing accessibility of AI-powered toolkits that lower the bar for launching attacks: "There are tools you can buy for a few hundred USD a month as a subscription, and they allow non-experts to write malware or deploy very convincing phishing campaigns. Large language models can push spear phishing click-through rates from industry averages of 12% up to 54%." This sharp escalation in the sophistication and volume of threats comes at a pivotal time when organisations are also accelerating their AI strategies. Veeam, which originally established its brand in backup and disaster recovery, is rapidly expanding its portfolio to address an evolving landscape, protecting hybrid environments, SaaS platforms, and even providing storage for backup workloads. Young notes that the company's partnerships, especially with Microsoft on Azure, have enabled it to offer backup-as-a-service while leveraging global economies of scale-critically, with "no egress and no API transaction fees." However, he's quick to add that adaptability is part of its core: "It's on the roadmap for other clouds to run these things, because not everyone's an Azure shop." The broadening definition of business resilience now brings backup and security disciplines much closer together. 90% of cyber attacks focus on backup repositories, which has resulted in disaster recovery and cybersecurity being intertwined. 
"Backups are the last resort, and threat actors know it. If they take out your backups, your only options are to pay the ransom and hope for the best," Young explains. Veeam's acquisition of CoveWare, an incident response firm, enables the direct integration of real-world telemetry and threat intelligence into Veeam's product development and customer education initiatives. Changing regulations are also playing a critical part. The recently enacted Japanese cyber defence bill mandates the reporting of ransomware incidents and the development of regular response plans. Young applauds this direction, noting, "It's critical we talk about incidents-otherwise these are not board-level discussions and security teams struggle for budget." He points out that cyber extortion is no longer a niche risk. Financial institutions and public sector organisations, in particular, are contending with increasingly sophisticated AI-enabled attacks while balancing compliance, governance, and privacy regulations across diverse national boundaries. The surge in 'shadow IT'-where departments launch unsanctioned SaaS, AI applications or cloud projects-presents new blind spots. "We're seeing lots of little shadow IT projects, especially as people rush to experiment with AI. When that gets to production, who is looking after that system? It's the same shadow IT problem we've seen for years, now amplified by the ease of consuming AI services," Young says. This requires a step change in visibility. Veeam is responding by mapping and analysing customers' data footprints and building automated support, monitoring, and reporting features through its observability platform. The company's AI-powered 'Veeam Intelligence Engine' is designed to suggest remediations, generate code samples, and flag risks in natural language-"making support and reporting far more accessible," says Young. The complexity of emerging architectures compounds the challenge of AI adoption. 
"We're really good at protecting databases and webservers because we know what they are and how to back them up. But with the introduction of vector databases, AI agents, and model training checkpoints, we need new strategies," Young explains. The potential cost and risk of a failed AI project, such as losing weeks of model training due to corrupted data, is prompting enterprises to consider backup and recovery for infrastructure previously outside the IT remit. "Agents are going to be central to the future, especially with more reliable, reflective AI systems. The good news is, most of these platforms run on environments-Kubernetes, cloud infrastructure-that we already protect." Young identifies security lapses as a persistent oversight in the current rush to implement AI: "It's the shiny new thing, and the basics can be forgotten. If we can get people thinking about security as part of their DNA while deploying AI, they'll be better off." He cautions that most SaaS providers operate a shared responsibility model: "Microsoft or Salesforce take care of the platform, not your data. If it's deleted from the cloud, it's gone-vendors won't provide a full backup. Your data is your responsibility." Against this backdrop, keeping pace with threats requires organisation-wide preparation. Veeam's customer workshops and regular incident simulations demonstrate a commitment to education as a proactive defence. "Preparation is the key: practice and plan. Use your tools, test your backups, scan for vulnerabilities, and have a response plan. Yara signature rules, for example, can be imported to scan for specific attack strains in backup archives," Young says, emphasising the importance of practical readiness over theoretical robustness. Young notes that Veeam's AI and resilience roadmap is anchored in five pillars: infrastructure resilience, intelligence, security pre- and post-attack, and business value extraction from archived data. 
The company's long-standing data integration API, for instance, enables the surfacing of unstructured data, ranging from images to documents, for AI applications, analytics, or compliance. "AI applications require fuel, and that fuel is data. Unlocking value from our organisations means thinking beyond expensive, monolithic data lakes, and instead focusing on the ability to extract insight from all data sources, structured or not." "Our role is to assist with growing compliance, governance, and regulatory requirements, but also to bring responsible, opt-in AI features to our customers and to help make data protection, cybersecurity, and digital transformation board-level priorities," Young concludes. "It's critical we talk about incidents-it raises awareness across all organisations. If we don't, it's not going to be a board-level discussion, and teams will struggle to get budget for this stuff."
