SonicWall Cyber Threat Report 2025

Keypoints

• Annual cybersecurity reports typically consist of sections like executive summaries, threat landscape overviews, detailed threat analyses, and strategic recommendations, providing a comprehensive understanding of current security risks and trends.
• Key statistics show that 61% of ransomware uses new exploit code within 48 hours, the average ransom payment reached $850,700 in 2024, and malware variants have increased to over 210,000 with daily new threats of about 637.
• Notable trends include a 124% rise in IoT attacks and a 93% increase in encrypted malware, reflecting expanding attack surfaces and more sophisticated threat techniques.
• The escalation of ransomware attacks, especially double and triple extortion in healthcare impacting over 198 million Americans, underscores the severity of current threats.
• BEC attacks now represent 33% of cyber insurance claims, with a dramatic 70% rise in Vendor Email Compromise incidents in industries like retail and construction.
• Threat actors exploit vulnerabilities within days of public disclosure, often leveraging automation, AI, and hacking tools like LOLBins for stealthier, faster attacks.
• The reports reveal a marked increase in fileless malware utilizing trusted system binaries, and how AI automation tools have lowered entry barriers for complex attacks such as SSRF and BEC.
• IoT vulnerabilities persist, with attacks on IP cameras reaching over 17 million in 2024, highlighting risks in critical infrastructure and smart devices.
• Cybercriminals are diversifying attack methods, with threats like Strela Stealer adapting to evade detection, and file-based attacks spreading through malicious PDFs, ZIP/RAR archives, and fake mobile apps.
• Overcoming security challenges requires organizations to adopt real-time patch management, Zero Trust, continuous monitoring, and user training to effectively respond to rapid threat evolution.