Generative AI is rapidly accelerating ransomware operations by lowering barriers to entry, increasing scale, and intensifying psychological pressure across leadership, risk functions and frontline staff, without fully automating attacks, according to Securin’s 2025 Ransomware Report.
“Ransomware has crossed a strategic threshold,” says Dr. Srinivas Mukkamala, CEO, Securin. “What we’re seeing now is not just faster or more frequent attacks, but campaigns designed to undermine trust, across infrastructure, identity and human decision-making. AI is accelerating that shift, but it’s still human intent driving the outcomes.”
Key takeaways:
· Based on analysis of 7,061 confirmed ransomware victims across 117 threat groups, the report shows ransomware evolving into a hybrid threat that blends cybercrime with infrastructure disruption, identity deception, and information warfare techniques.
· Three groups—Qilin, Akira and CL0P—accounted for nearly 30% of all victims, indicating that a small number of operators drive a disproportionate share of incidents.
· For the first time, commercial facilities were the most targeted sector for ransomware, accounting for 14.1% of all victims, followed by manufacturing, IT service providers, healthcare, and government organizations.
· The report found that attackers prioritized environments where operational interruption carried immediate financial or organizational consequences.
· Manufacturing and infrastructure-adjacent sectors experienced increased activity tied to production downtime, supply chain delays, and safety risks.
· Threat groups commonly use AI to draft phishing and extortion messages, debug scripts, translate content, and streamline repetitive tasks. Only a small number of observed campaigns relied on AI in ways that were critical to execution.
“The narrative around autonomous ransomware misses the point,” says Aviral Verma, head of research, Securin. “The real change is acceleration. AI reduces friction at every stage of an attack, making ransomware operations faster, more scalable, and easier to replicate—even for less skilled actors.”
