Malware, Ransomware, Phishing, Cloud Security, SSO/MFA

AI’s Influence on Malware Attacks Tops IT Pros’ Concerns

Credit: Adobe Stock Images

AI-enhanced malware attacks are primary concern of U.S. IT professionals for 2025, according to 60% of global IT professionals surveyed for GetApp’s 6th Annual Data Security Report.

While phishing and ransomware attacks remain prevalent, the increasing sophistication of AI-enhanced threats signals the need for businesses to prioritize new defensive strategies, asserts GetApp, a software consultancy. Additionally, 37% of U.S. IT professionals view AI-enhanced attacks as their primary concern next year.

Key Trends: Ransomware Recovery Improving

The survey of 4,000 cybersecurity and IT professionals from 11 countries, including 500 U.S. IT professionals, offers insights and recommendations on how businesses can protect themselves against AI-enhanced cyberattacks through training, upgraded tools and response plans.

The report reveals five additional key trends and how to address them:

1. Ransomware remains a significant challenge, but recovery rates are improving. In 2024, ransomware attacks affected 44% of U.S. companies, with 43% of those paying a ransom. However, 36% of businesses were able to recover their data without payment, indicating improvements in incident response and decryption capabilities.

2. Phishing is still widespread despite ongoing prevention efforts. Phishing continues to plague businesses, with 87% of U.S. organizations reporting phishing attempts in the past 12 months. Alarmingly, 74% of employees who received a phishing email clicked on malicious links, highlighting the ongoing need for security awareness training.

3. Cloud security vulnerabilities are a growing concern. As more businesses adopt cloud solutions, 56% of data breaches in the U.S. were attributed to software vulnerabilities, emphasizing the importance of securing cloud-based infrastructure.

4. U.S. data breaches are below global averages, but risks remain high. The U.S. fared better than its global counterparts in terms of data breaches, with 54% of businesses reporting them in 2024 compared to the global average of 62%. Despite this, more than half of U.S. organizations still experienced a breach, underscoring the need for continued vigilance.

5. Multi-factor authentication (MFA) adoption rises as cyberthreats evolve. Fifty-one percent of U.S. companies have implemented MFA for all applications, higher than the global average of 44%. This increased use of MFA is helping businesses fend off some of the most damaging cyberattacks.

Commenting on MFA adoption rates, David Jani, security analyst at GetApp, stated:

“Increased investments in MFA are certainly paying off, but AI is pushing cyberattacks into uncharted territory and businesses can’t afford to fall behind. While efforts to mitigate risks like ransomware and phishing are improving, AI-driven threats require a faster, more adaptive approach. The companies that succeed in 2025 will be the ones that enhance their defenses now.”

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.

You can skip this ad in 5 seconds