SecurityBrief Canada - Technology news for CISOs & cybersecurity decision-makers
Ransomware threats surge as phishing grows, damages may hit $275 billion

Thu, 3rd Jul 2025

KnowBe4 has highlighted the growing threat posed by ransomware, particularly through social engineering tactics, urging organisations to strengthen their human defences during Ransomware Awareness Month.

Recent research from KnowBe4 indicates a 57.7% increase in ransomware payloads delivered through phishing attacks between 1 November 2024 and 15 February 2025 when compared to the previous three months. This finding emphasises the significance of phishing as a primary method for ransomware to gain initial access to organisational systems.

The impact of ransomware on organisations remains severe, with global damages forecasted to reach USD $275 billion annually by 2031. Data from the 2025 Verizon Data Breach Investigations Report further reveals that ransomware was involved in 44% of all analysed breaches, a marked rise from 31% in the prior year.

Social engineering, and phishing specifically, has been increasingly exploited by cybercriminals to distribute ransomware. KnowBe4 notes that as these attack methods evolve, organisations must focus on mitigating the human risk inherent to their operations.

Five steps to reduce risk

To support efforts to minimise ransomware exposure, KnowBe4 has outlined five strategies for organisations to bolster their human layer of defence:

First, organisations are encouraged to tailor cybersecurity training by role. Timely, role-specific and personalised training addresses the distinct threats and responsibilities of each department, which reduces the employee behaviours that ransomware attackers most often target.

Second, running realistic phishing simulations is recommended. Regular simulations model current threat tactics, which can assist in building employees' critical thinking skills and foster instinctive resistance to phishing-based ransomware attacks.

Third, promoting a no-blame reporting culture is suggested. Encouraging employees to immediately report any suspicious emails or activities, regardless of whether they have made an error, enables more effective and quicker ransomware response and containment.

Fourth, maintaining a focus on ransomware awareness is essential. Organisations should run continuous awareness campaigns, utilising ongoing reminders, visuals, and regular communication, so that ransomware threats remain prominent and vigilance across the workforce is reinforced.

Finally, deploying advanced anti-phishing technology can complement human defences. Solutions powered by artificial intelligence and machine learning are increasingly able to identify and neutralise sophisticated phishing attacks, including those carrying zero-day ransomware payloads, often before they reach employee inboxes.

Social engineering and workforce vigilance

As ransomware attacks rise in prevalence and sophistication, KnowBe4 is calling attention to the important role social engineering plays in making organisations susceptible to compromise.

"Ransomware remains one of the largest cyber threats an organization can face–and it all starts with social engineering," said Roger Grimes, Data-Driven Defence Evangelist at KnowBe4. "As reports continue to highlight the varied forms of phishing as the most prevalent access vector for ransomware-related attacks, organizations must prioritize reducing human risk first and foremost. This Ransomware Awareness Month, it is crucial for every organization to understand their strongest defense against ransomware is actually their workforce."

The escalation in both the volume and the impact of ransomware cases through 2025 points to the critical need for organisations to address human factors in their cybersecurity strategies. The combination of tailored training, realistic testing, supportive internal cultures, ongoing awareness campaigns, and advanced technical defences forms a comprehensive approach against social engineering-led ransomware attacks.