In 2025, ransomware moved beyond isolated IT incidents and became a systemic risk, capable of disrupting national supply chains, critical services, and entire industries. This shift is reflected in long-term projections, with Cybersecurity Ventures estimating that the global cost of ransomware will reach $275 billion annually by 2031, driven by downtime, data loss, recovery efforts, and lost productivity, not just ransom payments.
In a recent blog post SOCRadar rattled off the top 10 ransomware attacks of 2025:
1. Salesforce Ecosystem – The SaaS Supply Chain Blind Spot
2. Oracle E-Business Suite: Zero-Day Supply Chain Extortion
3. Jaguar Land Rover Ransomware Attack: Britain’s Costliest Cyberattack Ever
4. Ingram Micro Ransomware Attack: Global IT distribution paralyzed
5. Co-operative Group: UK retail sector siege continues
6. PowerSchool: Education Sector Extortion at Unprecedented Scale
7. Synnovis – Healthcare Disruption with Confirmed Patient Harm
8. DaVita: Ransomware Hits Critical Healthcare Infrastructure
9. Asahi Group: Manufacturing Halt Exposes IT–OT Convergence Risk
10. Collins Aerospace: Ransomware Grounds European Airports
Across these incidents, each of which SOCRadar breaks down in detail, several patterns repeat. Initial access often began with stolen credentials or social engineering rather than advanced exploits. Supply chains amplified impact, turning a single breach into hundreds or thousands of downstream failures. Data theft and operational paralysis mattered more than encryption, and in some cases, the true consequences only emerged months later through regulatory findings or confirmed human impact.
Read the Full Story