SonicWall’s fresh 2025 Annual Threat Report highlights remarkable disclosures, including that thieves exploited fresh vulnerabilities within two weeks 61 % of the time, and that it takes the average business between 120 and 150 times to use a piece. In contrast, the agency’s experts detected 210, 258 “never-before-seen” trojan variants in 2024.
According to researchers, the ordinary ransomware payment in 2024 exceeded$ 850 or$ 700, with overall related losses frequently exceeding$ 4.91 million after accounting for outage and recovery costs. Business email compromise ( BEC ) attacks cost more than$ 2.95 billion in global losses in 2024.
Additionally, SonicWall provided more details about how attacks are having an impact on Latin America and the US medical industry.
Ransomware experienced a skyrocketing rise in Latin America.
Ransomware was up 259 % in Latin America and up 8 % in North America, the firm said.
IoT attacks jumped 124 %, encrypted threats climbed 93 %, and malware spiked 8 % year-over-year.
According to SonicWall’s 2025 Annual Threat Report, very obvious malware organizations like LockBit and BlackCat used ransomware-as-a-service models to carry out common problems and exploit critical risks to infiltrate systems.
198M+ British people were impacted by attacks
The U. S. medical industry faced “unprecedented problems, with over 198 million British patients impacted by malware,” said Bob VanKirk, president and chief executive officer of SonicWall, in the document. He attributed the fast development of AI tools to the new ransomware varieties.
Triple extortion even increased throughout the year, with double extortion even increasing, especially in healthcare. This particular technique involves threatening to launch sensitive information unless demands are met while encrypting an group’s most important data, according to the report. ” This technique is employed to put even more pressure on ransomware sufferers to give the threat actors because the criminals are basically holding the data hostage in a variety of ways,” says the author.
Threat players in the healthcare sector even threaten to relieve patients ‘ data unless the ransom is paid in the case of triple bribery. According to the report, medical institutions “were also among the least equipped to deal with the fallout.”
SMBs are now increasingly looking to strengthen their threats.
VanKirk wrote,” SonicWall’s information indicates that danger celebrities are moving at extraordinary frequencies”.
He added that” they should not go it alone in the battle against cybercrime” and noted that this mainly puts pressure on small and medium-sized businesses.
To strengthen defenses, the report advised SMBs to use reputable managed service providers ( MSPs ) or managed security service providers ( MSSPs ). These partners may provide real-time surveillance, fast update implementation, zero-trust security models, and continuing education, the report said.
Methodology
According to VanKirk, the report is based on opinions from SonicWall’s 24/7 security operations center analysts and market insights from reputable cybersecurity insurance providers.
