Poland leads in ransomware attacks

In H1 2025, Poland ranked first globally in detected ransomware attacks, accounting for 6% of incidents—surpassing even the U.S., according to ESET. Despite a 30% global rise in attacks, the value of ransoms paid fell by 35%, due to stronger law enforcement and declining trust in cybercriminal groups.
Internal weaknesses amplify Poland’s exposure. Just 59% of companies use security software, and only 19% of employees understand the term “ransomware.” Over half haven’t received cybersecurity training in the past five years.
Ransomware tactics are evolving. ClickFix—a fake error prompt resembling reCAPTCHA—has surged 517% in use, often imitating tools like Microsoft Teams.
Experts urge a proactive, layered defense: up-to-date antivirus software, MFA, regular backups, and comprehensive employee training.
“Cybersecurity remains reactive for many firms,” says DAGMA’s Dawid Zięcina. “It’s time decision-makers treat it as essential to business resilience, not just compliance.”