A growing majority of organizations worldwide say they are losing ground to artificial intelligence (AI)-driven cyberattacks, according to CrowdStrike’s 2025 State of Ransomware Survey released Oct. 21.
The report found that 76 percent of global organizations struggle to keep pace with the speed and sophistication of AI-powered adversaries, underscoring urgent implications for critical infrastructure and homeland preparedness, says CrowdStrike.
“From malware development to social engineering, adversaries are weaponizing AI to accelerate every stage of attacks, collapsing the defender’s window of response,” said CrowdStrike Chief Technology Officer Elia Zaitsev. “The 2025 State of Ransomware Survey reinforces that legacy defenses can’t match the speed or sophistication of AI-driven attacks.
Time is the currency of modern cyber defense,” Zaitsev said, “and in today’s AI-driven threat landscape, every second counts.”
The survey findings suggest that AI has become the defining factor in the global cybersecurity race — with 89 percent of respondents viewing AI-enabled protection as essential to closing the defense gap.
Among the survey’s key takeaways are that:
- Legacy defenses are losing ground. Nearly half (48 percent) of surveyed organizations said AI-automated attack chains are now the top ransomware threat, while 85 percent reported that traditional detection tools are becoming obsolete.
- Speed is decisive. Almost 50 percent fear they cannot detect or respond fast enough to AI-driven attacks. Less than a quarter can recover within 24 hours, and nearly one in four suffer major operational or data losses.
- AI is revolutionizing social engineering. Phishing remains the leading attack vector, with 87 percent of respondents warning that AI makes lures more convincing. Deepfake-enabled scams are also emerging as a significant driver of ransomware incidents.
- Paying ransom backfires. Among organizations that paid a ransom, 83 percent were attacked again — and 93 percent had data stolen despite payment.
- Leadership gaps persist. Three-quarters (76 percent) reported a disconnect between executive confidence in ransomware readiness and actual preparedness, highlighting the need for board-level engagement in modernizing defenses.
For government and homeland security stakeholders, the findings reinforce the national risk posed by AI-accelerated cyber operations, which can disrupt public services, supply chains, and emergency response systems, according to CrowdStrike’s report, which calls for faster, intelligence-driven defenses and automation at scale to close the widening gap between attackers and defenders.
CrowdStrike says its Agentic Security Platform aims to give defenders “AI superiority” by automating critical security workflows and enabling faster, more precise threat response through mission-ready AI agents.