News Security

Ransomware Payments Fall, But EMEA Still Vulnerable to Site-Wide Crises

Veeam report reveals rising data recovery success—but critical infrastructure gaps persist

A new analysis from Veeam reveals a paradox at the heart of EMEA’s ransomware response: while fewer organisations are paying ransoms, most remain dangerously unprepared for full-scale cyber crises. According to Veeam’s 2025 Ransomware Trends Report, ransom payments dropped 22% year-on-year, yet 63% of organisations still lack alternative infrastructure plans—leaving them unable to recover from site-wide attacks.

The shift reflects growing skepticism about the reliability of attackers. In 2024, only 32% of EMEA organisations that paid ransoms successfully recovered their data, down from 54% the previous year. Meanwhile, the number of organisations recovering data without paying doubled—from 14% in 2023 to 30% in 2024.

“Payments may drop, but it doesn’t mean attacks will.”

— Tim Pfaelzer, SVP & GM EMEA, Veeam

“Attackers remain an untrustworthy method of recovering data,” said Tim Pfaelzer, SVP & General Manager EMEA at Veeam. “We’re seeing some abandon encryption altogether, opting instead to steal data for extortion or sale. For others, disruption—not profit—is the goal.”

Despite regulatory momentum from frameworks like NIS2 and DORA, Veeam’s findings show that resilience gaps persist. Without alternative infrastructure, organisations face weeks of downtime after an attack—an operational and reputational disaster. With outages costing up to £1 million per hour, the stakes are high.

“It’s clear that recovery is now central to resilience strategies,” Pfaelzer added. “But regulation alone isn’t enough. Organisations must go further—implementing robust backups and alternative infrastructure to eliminate the need for ransom payments altogether.”

The report also highlights the impact of law enforcement crackdowns, such as the takedown of Lockbit, in disrupting ransomware networks. Yet Veeam warns that without proactive resilience measures, organisations risk being caught flat-footed when the next attack strikes.

As ransomware tactics evolve, EMEA’s path to true resilience demands more than reactive defense. It requires infrastructure, foresight, and a refusal to negotiate with cybercriminals.

Related posts

UiPath Integrates Microsoft Azure AI Foundry into Agentic Automation Platform

Enterprise IT World MEA

Nemetschek Group Partners with WakeCap to Accelerate GCC Construction Digitalization

Enterprise IT World MEA

SolarWinds Introduces AI Agent to Drive Autonomous Operational Resilience

Enterprise IT World MEA

Leave a Comment