Acronis today released the findings of the Acronis Cyberthreats Report H1 2025, detailing the most popular threat vectors, active threat groups, and targeted industries in the first half of 2025. Ransomware remains the major threat for large and medium-sized businesses, with new groups increasingly leveraging AI to automate their activities – phishing accounted for 25% of all attacks and 52% of attacks targeting MSPs, a 22% increase compared to 1H 2024.
The biannual report covers the global threat landscape as encountered by the Acronis Threat Research Unit (TRU) and Acronis sensors on Windows endpoints from January through June 2025. Based on signals from over 1,000,000 unique endpoints distributed around the world, the report also incorporates statistics focused on threats targeting Windows operating systems, given their prevalence as compared to macOS and Linux.
Key Findings of the Acronis Cyberthreats Report H1 2025 include:
- Ransomware is Still Top-Dog: The number of publicly known ransomware victims increased nearly 70% over the measured time period, as compared to both 2023 and 2024. Cl0p, Akira, and Qlin are the most active ransomware gangs.
- AI Powering Surge in Social Engineering: Ransomware gangs are increasingly utilizing AI, and this is reflected in their chosen threat vectors – social engineering and BEC attacks increased from 20% to 25.6% in January 2025 through May 2025 compared to the same period in 2024, likely due to the growth in AI use for crafting convincing impersonations. Malware was discovered in 1.47% of Microsoft 365 email backups.
- MSPs Bombarded by Phishing and BEC Attacks: While the overall number of attacks targeting MSPs fell over the measured time period, the nature of attacks changed significantly; phishing accounted for 52% of all attacks targeting MSPs as compared to 30% in 2024, while Remote Desktop Protocol (RDP) attacks all but vanished.
- Not All Phishing Attacks are Created Equal: While phishing is the weapon of choice for attackers, they are increasingly focusing on collaboration apps, eschewing simple BEC campaigns. Almost 25% of the attacks in collaboration apps leveraged AI-generated deepfakes or automated exploits.
- Manufacturers in the Crosshairs: Manufacturing was ransomware gangs’ most targeted industry, representing 15% of all recorded cases in Q1 2025. Retail, food and drink (12%) and telcos and media (10%) were also popular targets.
For more information, download a copy of the full Acronis H1 2025 Cyberthreats Report here: https://www.acronis.com/en-us/resource-center/resource/acronis-cyberthreats-report-h1-2025
To learn more about the report and its findings, visit the Acronis blog here: https://www.acronis.com/en-us/blog/posts/acronis-cyberthreats-report-h1-2025-some-good-news-and-a-lot-of-bad-news
Related
This entry was posted on August 20, 2025 at 8:51 am and is filed under Commentary with tags Acronis. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Acronis Report Finds AI-Powered Phishing and Social Engineering Fueling Surge in Ransomware
Acronis today released the findings of the Acronis Cyberthreats Report H1 2025, detailing the most popular threat vectors, active threat groups, and targeted industries in the first half of 2025. Ransomware remains the major threat for large and medium-sized businesses, with new groups increasingly leveraging AI to automate their activities – phishing accounted for 25% of all attacks and 52% of attacks targeting MSPs, a 22% increase compared to 1H 2024.
The biannual report covers the global threat landscape as encountered by the Acronis Threat Research Unit (TRU) and Acronis sensors on Windows endpoints from January through June 2025. Based on signals from over 1,000,000 unique endpoints distributed around the world, the report also incorporates statistics focused on threats targeting Windows operating systems, given their prevalence as compared to macOS and Linux.
Key Findings of the Acronis Cyberthreats Report H1 2025 include:
For more information, download a copy of the full Acronis H1 2025 Cyberthreats Report here: https://www.acronis.com/en-us/resource-center/resource/acronis-cyberthreats-report-h1-2025
To learn more about the report and its findings, visit the Acronis blog here: https://www.acronis.com/en-us/blog/posts/acronis-cyberthreats-report-h1-2025-some-good-news-and-a-lot-of-bad-news
Share this:
Like this:
Related
This entry was posted on August 20, 2025 at 8:51 am and is filed under Commentary with tags Acronis. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.