Telecom Italia warned ransomware attacks surged in 2025 as cybercriminals used AI and automation to scale campaigns, cautioning that rapidly evolving technology and geopolitical tensions are reshaping digital risk. In the second edition of its Cyber Security Report produced alongside Italy-based non-profit Cyber Security Foundation, TIM said ransomware claims topped 7,400 globally in 2025, up 42% compared to 2024.[1]
The report pointed to malware campaigns affecting entities in around 200 countries and a 20% rise in known vulnerabilities. It highlighted zero-day flaws as a growing concern because they can be exploited before vendors issue patches.
The study also flagged: promptware, a form of cyberattack designed to manipulate generative AI (genAI) and LLMs; and quishing, a scam using compromised QR codes, smart devices and satellite network security as emerging risk areas. It argued cyber resilience is now tied to service continuity, industrial competitiveness and overall national security.
In contrast, distributed denial-of-service (DDoS) incidents, which are attacks designed to overwhelm websites, apps or networks by flooding them with traffic, fell 36% partly due to preventive measures. Yet, the report warned this decline did not mean the threat was easing. Attacks became more focused, persistent and aimed at strategic targets including governments, telecoms and transport systems, while average exposure times rose 19%.
TIM attributed the ransomware surge to the continued industrialization of cybercrime, with attackers benefiting from both geopolitical instability and AI-powered automation. Indeed, the study presented AI as a double-edged sword, noting that while it acts as a “threat multiplier” used to automate malicious code and accelerate fraud, phishing and abuse, it has also strengthened attack prevention, analysis and response capabilities.
Alessandra Michelini, CEO and chairwoman of TIM Group’s cybersecurity arm Telsy, said the threat response cannot be limited to emergency management, calling for active investment in “digital sovereignty, skills development and secure technologies”.
Marco Proietti, founder and president of the Cyber Security Foundation, added cybersecurity must become “a widespread culture”, as “a more digitally aware country is, first and foremost, a safer country”.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information (CTI) via a notification/Tier I analysis service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/rt/14363376183548501
[1] https://www.mobileworldlive.com/operators/tim-flags-surge-in-ai-driven-cyberattacks/
Comments