UK firms turn to back-ups over ransom payments

Ransomware payments by UK businesses have dropped sharply, with just 17% of victims paying attackers in the past year, according to Databarracks’ newly published Data Health Check 2025. This is down from 27% in 2024 and 44% in 2023.

The annual survey of 500 IT decision-makers found organisations are now more than three times more likely to recover from back-ups than to pay. In 2025, 57% of affected organisations recovered from back-ups, supported by improved back-up practices, with 72% now having air-gapped back-ups and 59% using immutable back-ups.

More firms are also taking a hard line, with 24% having a policy never to pay a ransom – double the figure from 2023. The shift coincides with government plans to ban payments by public sector bodies and critical national infrastructure operators, alongside mandatory reporting and pre-payment notification for the private sector.

James Watts, managing director at Databarracks, said: “The government’s new stance is bold – but the data shows the direction of travel was already clear. In some sense, the policy is a formalisation of where UK businesses were already headed. Paying the ransom used to feel like the only option. Now, the best-prepared organisations are recovering faster, more reliably, and without funding criminals. Air-gapped and immutable back-ups are giving organisations the confidence to say no – and back it up.”

The report found improving back-up processes has become the top IT resilience priority for UK organisations, ahead of both continuity planning and recovery testing.


