SonicWall’s new 2025 Annual Menace Report highlights startling revelations, together with that hackers exploited new vulnerabilities inside two days 61% of the time, and that it takes the common group between 120 and 150 days to use a patch. As well as, the agency’s researchers detected 210,258 “never-before-seen” malware variants in 2024.

Researchers reported that, in 2024, the common ransomware cost reached $850,700, with complete associated losses typically exceeding $4.91 million when factoring in downtime and restoration prices. International losses from enterprise e-mail compromise (BEC) assaults exceeded $2.95 billion in 2024.

SonicWall additionally detailed elevated cyberattacks impacting Latin America and the U.S. healthcare sector.

Ransomware skyrocketed in Latin America

Ransomware was up 259% in Latin America and up 8% in North America, the agency stated.

IoT assaults jumped 124%, encrypted threats climbed 93%, and malware spiked 8% year-over-year.

Extremely seen ransomware teams comparable to LockBit and BlackCat leveraged ransomware-as-a-service fashions to hold out widespread assaults and benefit from crucial vulnerabilities to infiltrate methods, SonicWall’s 2025 Annual Menace Report famous.

198M+ American sufferers had been impacted by cyberattacks

The U.S. healthcare sector confronted “unprecedented challenges, with over 198 million American sufferers impacted by ransomware,’’ stated Bob VanKirk, president and chief government officer of SonicWall, within the report. He attributed the brand new malware variants to the speedy adoption of and developments in AI instruments.

Double extortion was prolific all year long with triple extortion additionally rising, particularly in healthcare. “This particular tactic entails encrypting a corporation’s most important information whereas concurrently threatening to launch delicate data except calls for are met,’’ the report acknowledged. “This tactic is used to put much more stress on ransomware victims to pay the risk actors because the criminals are basically holding the information hostage in a number of other ways.”

Within the case of triple extortion within the healthcare business, risk actors will even go on to sufferers and threaten to launch their information except that ransom is paid. The report famous that healthcare organizations “had been additionally among the many least ready to deal with the fallout.”

SMBs more and more have to bolster their defenses

VanKirk wrote, “SonicWall’s information signifies that risk actors are shifting at unprecedented speeds.”

He famous that this particularly places stress on small and medium-sized companies and added “they need to not go it alone within the struggle towards cybercrime.”

The report urged SMBs to make use of trusted managed service suppliers (MSPs) or managed safety service suppliers (MSSPs) to bolster defenses. These companions can present real-time monitoring, speedy patch deployment, zero-trust safety fashions, and ongoing training, the report stated.

Methodology

The report is predicated on views from SonicWall’s 24/7 safety operations heart analysts and market insights from revered cybersecurity insurance coverage suppliers, VanKirk stated.