By 2025, ransomware transitioned from being an isolated IT issue to a systemic threat, capable of disrupting national supply chains, critical services, and entire industries. This change is evident in long-term forecasts, with Cybersecurity Ventures projecting that the global cost of ransomware will soar to $275 billion annually by 2031. This figure includes not just ransom payments, but also expenses related to downtime, data loss, recovery efforts, and lost productivity.
Top Ransomware Attacks of 2025
In a recent blog post, SOCRadar highlighted the ten most significant ransomware attacks of the year:
- Salesforce Ecosystem The SaaS Supply Chain Blind Spot
- Oracle E-Business Suite: Zero-Day Supply Chain Extortion
- Jaguar Land Rover Ransomware Attack: Britain’s Costliest Cyberattack Ever
- Ingram Micro Ransomware Attack: Global IT Distribution Paralyzed
- Co-operative Group: UK Retail Sector Siege Continues
- PowerSchool: Education Sector Extortion at Unprecedented Scale
- Synnovis Healthcare Disruption with Confirmed Patient Harm
- DaVita: Ransomware Hits Critical Healthcare Infrastructure
- Asahi Group: Manufacturing Halt Exposes IT-OT Convergence Risk
- Collins Aerospace: Ransomware Grounds European Airports
SOCRadar provided an in-depth analysis of each incident, revealing several recurring patterns. In many cases, initial access was gained through stolen credentials or social engineering techniques, rather than sophisticated exploits. The impact was often magnified by vulnerabilities in supply chains, which turned a single breach into hundreds or even thousands of downstream failures. Notably, the focus shifted from encryption to data theft and operational paralysis, with the true consequences sometimes only becoming apparent months later through regulatory investigations or confirmed human impact.
