The wave of ransomware continues unabated: According to the Bitkom study “Economic Security 2025,” one in three German companies fell victim to such an attack in 2025—nearly three times as many as in 2022. Financial losses from cyberattacks reached a new record of 202.4 billion euros, with ransomware accounting for a large portion of these costs. But the real danger lies not only in the sheer number of attacks, but in their increasing sophistication. Cybercriminals have long been relying on artificial intelligence to optimize their attacks. In its 2025 Situation Report, the BSI warns: “The threat situation continues to worsen because AI dramatically lowers the barriers to professional attacks.”

AI is transforming the ransomware landscape and impacting security measures. Attacks are becoming faster and more precise. AI analyzes in seconds which systems are vulnerable and where the greatest damage can be inflicted. The deception is becoming more sophisticated. AI-generated phishing emails or deepfake calls are now virtually indistinguishable from genuine communications. And the attackers are learning as they go. AI recognizes patterns in companies’ defense mechanisms and adapts its attack strategies accordingly.

The fact is: Ransomware is not only becoming more frequent but also more effective, and traditional security measures are no longer sufficient.

Backup as the Last Line of Defense—If Done Right

In this high-risk situation, a backup remains the most important line of defense. But traditional backups are no longer a safe haven, as cybercriminals are specifically targeting them. The Bitkom 2025 study paints an alarming picture: In nearly half of all ransomware cases, backups were also attacked or encrypted. As a result, companies cannot restore their data and, out of desperation, tend to pay the ransom. This makes it clear: A backup that isn’t specifically secured against ransomware and AI-powered attacks is not a backup you can rely on.

But what really makes a backup secure? First: immutability. Data must be stored in such a way that it cannot be manipulated or encrypted after it is created—even if attackers are already in the system. Second: isolation. Backups should be physically or logically separated from the production environment to prevent the ransomware from spreading to the backup data. Third: regular testing. A backup that isn’t regularly tested for recoverability—and, above all, for resilience—is worthless.

The AI-proof vault for backup data

This is where solutions like Blocky for Veeam from GRAU DATA come into play—a solution specifically developed to protect backup data from ransomware, even in the age of AI. The secret lies in WORM (Write Once, Read Many) technology that has been specially adapted for this purpose. Once the backup data is stored, it can no longer be altered by cybercriminals or other unauthorized individuals or machines. Even if attackers compromise the backup server, the data remains untouched. But Blocky for Veeam goes even further: It protects not only the backup files at the file system level but also the physical storage media. Disk protection ensures that even targeted attacks below the file level—such as those aimed at the partition table—are thwarted.

Those Who Back Up Right Win

AI is making ransomware more dangerous, and anyone still relying on traditional backups in 2026 is playing Russian roulette with their company. With a solution that reliably protects backups from ransomware encryption, companies can maintain their last line of defense even in the age of AI-powered attacks. Because in the end, only one thing matters: When the extortionists get in touch, IT managers and company leadership need to be able to laugh—not pay.

Press Review

• • Ransomware Resilience 2.0: From Backup to Operating Model
  • Digital Airbag: Backup with Ransomware Protection