Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Ransomware Attacks Surge by 50% Even as Payments Drop

    KnowBe4 Team | Mar 11, 2026

    iStock-1276687348 (1)The number of ransomware attacks increased by 50% in 2025, even though the number of victims who decided to pay the ransom fell to an all-time low, according to a new report from Chainalysis.

    The size of the ransom for victims who did pay increased significantly, growing 368% year-over-year to nearly $60,000. The total ransom payments observed by Chainalysis last year amounted to $820 million.

    “In 2025, ransomware actors received more than $820 million in on-chain payments — an 8% decline year-over-year (YoY) from $892 million, our updated 2024 estimate,” the researchers write. “The 2025 total is likely to approach or exceed $900 million as we attribute more events and payments, just as our 2024 total grew from our initial $813 million estimate this time last year.”

    The researchers also note that the number of ransom payments doesn’t capture the full scope of the damage caused by ransomware.

    “The ransomware narrative of 2025 cannot be told through revenue figures alone,” the researchers say. “While payments declined modestly, the scale, sophistication, and strategic impact of attacks continued to expand. Organizations large and small — from global automakers to regional healthcare systems — faced extortion that disrupted operations, eroded trust, and faced systemic costs that far exceeded on-chain ransom totals.”

    Chainalysis concludes that ransomware gangs are adapting and improving their tactics to squeeze as much money as possible out of their victims.

    “In this context, the ransomware landscape in 2025 is best characterized by adaptation rather than retreat: extortion tactics continue to evolve, enabling actors to extract value and damage beyond traditional payment streams,” the researchers write.

    “For defenders and policymakers alike, this underscores a central truth of the modern ransomware era — effective response requires both robust defenses and strategic resilience to limit the total harm inflicted by these multifaceted threats.”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    Chainalysis has the story.

     

    Return To KnowBe4 Security Blog

    Topics: Ransomware

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk best practices, compliance strategies and industry research to help organizations strengthen their human defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    We Train Humans & Agents
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest insights, trends and security news. Subscribe to CyberheistNews.