Let’s take a look at the threat landscape to kick things off.
According to the Verizon 2025 Mobile Security Index, 85% of organizations report increased mobile attacks, with 38% citing AI-powered ransomware as a growing threat. Despite 93% of organizations using generative AI tools, only 17% have implemented specific security measures to counter potential AI-assisted attacks. Small and medium-sized businesses (SMBs) face unique challenges, feeling resource disadvantaged in cybersecurity efforts compared to larger firms. The report highlights that 57% of SMBs struggle with this disparity, yet proactive measures, including robust employee training on mobile security and AI risk management, can significantly mitigate these vulnerabilities. With 63% of organizations experiencing significant downtime due to security incidents, enhancing cybersecurity is not just a best practice but a business necessity.
58% of retailers impacted by ransomware paid the ransom to regain access to their data, according to a recent report by Sophos. This year’s Sophos State of Ransomware in Retail report highlights that nearly half of ransomware incidents originated from unknown security gaps, emphasizing a persistent lack of visibility in cybersecurity measures across the retail sector. The report, which surveyed 361 IT and cybersecurity leaders from various retail organizations, found that the median ransom demand has doubled to $2 million, while the average payment increased by 5% to $1 million.
Cybercriminals are increasingly targeting logistics and trucking companies by tricking them into installing remote monitoring and management tools, according to researchers at Proofpoint. These attacks aim to hijack freight shipments and sell stolen goods, with tactics including posting fraudulent listings on load boards and hijacking email threads. Since mid-2025, various campaigns have been identified that involve sending malicious links to carriers, leading them to install harmful software. Proofpoint highlights that the attackers do not specifically target companies, but rather exploit any carrier responding to fake load postings. This opportunistic approach poses a significant risk, as compromised systems allow attackers to gather sensitive information and identify high-value freight loads.
According to a report from Cybersecurity Ventures, global spending on cybersecurity is projected to exceed $1 trillion by 2025, linked to the fact that cyberattacks have increased by over 50% in the last year.
Why do we care?
The threat landscape’s heating up, but not in the way headlines suggest.
Verizon says mobile attacks are up 85%, Sophos says retail ransom payments have doubled, and Proofpoint found hackers using RMM tools to hijack freight shipments. Yep — your own toolkit’s being turned against you, with names and software clients recognize.
Everyone’s talking about “AI-powered ransomware,” but that’s mostly hype. Attackers aren’t suddenly geniuses — they’re just automating what already works: bad passwords, unpatched systems, and phishing.
And while the industry’s about to spend a trillion dollars on cybersecurity, the same visibility gaps keep biting us.
So for MSPs, here’s the play: double down on the basics. Lock down your RMMs, teach clients how not to click, and prove your recovery plans actually work. The threats may evolve, but discipline still beats drama.