From Tokyo: In a region where digital infrastructure underpins everything from regional supply chains to government services, there is a creeping consensus among cybersecurity professionals that the rules of data protection have changed. The backup, long treated as the ultimate insurance policy against ransomware, is no longer the reliable safety net it once was.
The arrival of AI-powered ransomware has forced a reckoning. In August 2025, ESET researchers uncovered a new type of malware named PromptLock that leverages generative artificial intelligence to execute attacks, running a locally accessible AI language model to generate, in real time, malicious scripts that are compatible across Windows, Linux, and macOS. The malware scans local files, analyses their content, and determines whether to exfiltrate or encrypt data, with a destructive function already embedded in the code, though it remains inactive for now. While PromptLock turned out to be an academic research prototype created by researchers from New York University Tandon School of Engineering, its sophistication alarmed the cybersecurity community precisely because it arrived looking entirely real. As ESET researcher Anton Cherepanov noted, "a well-configured AI model is now enough to create complex, self-adapting malware" that could severely complicate detection and make defenders' work considerably more challenging.
The broader trend it points to is undeniable. Cybercrime "began its shift toward an AI-driven future" in 2025, with AI making attacks faster through deepfakes, autonomous vulnerability discovery, and growing connectivity between AI models and penetration testing tools. According to ThreatDown's 2026 State of Malware report, 2025 was the worst year for ransomware on record, with attacks increasing 8% year-over-year and impacting organisations in 135 countries.
What makes the new generation of attacks so damaging is precisely where they strike. Ransomware operators in 2025 prioritised speed, stealth, and timing over persistence, moving at night or during holidays, using legitimate IT tools, launching attacks from blind spots, and disabling security and backups before encryption begins. Remote encryption attacks accounted for 86% of ransomware activity in 2025, allowing attackers to encrypt data across protected environments without running malware locally, often from unmanaged or shadow IT systems that left security teams with no malicious process to quarantine.
AI-driven ransomware uses machine learning to adapt, evade detection, and target specific vulnerabilities, and these intelligent threats can analyse backup systems, identify patterns, and corrupt encrypted files before they are stored. In practical terms, this means an organisation may believe it holds clean recovery points when those points have already been silently poisoned. The average ransomware payment surged to $1.13 million in Q2 2025, with two-thirds of payments resulting from failed backups, according to Morphisec Research.
The financial logic behind paying is being undermined regardless. Of organisations that paid a ransom, 83% were attacked again, and 93% had data stolen anyway, according to CrowdStrike's 2025 State of Ransomware survey. In nine out of ten attacks against financial services firms, threat actors specifically attempted to compromise the organisation's backups. For defenders, that figure is the clearest possible evidence that backup systems are now a primary target, not an afterthought.
It is worth pausing here to acknowledge the counterargument from those who study organisational resilience. Better backup disciplines are, slowly, working. By Q3 2025, only 23% of ransomware victims paid, meaning nearly three out of four companies weathered an attack without funding the criminals. 53% of victims fully recovered within one week in 2025, up from 35% in 2024, according to Sophos data. Progressive voices in the cybersecurity field argue that investment in employee training, zero-trust architectures, and better detection tools has started to shift the power balance, and they are not wrong to point to these gains.
The problem is that AI is compressing the timeline faster than defences can scale. 48% of organisations cite AI-automated attack chains as today's greatest ransomware threat, while nearly half say they cannot detect or respond as fast as AI-driven attacks execute, with fewer than a quarter recovering within 24 hours. AI-powered tools enable adversaries to scan for vulnerabilities, bypass security controls, and exploit systems with unprecedented speed, and these agents can autonomously learn from failed attacks and modify their tactics in real time. For governments and critical infrastructure operators across the Asia-Pacific, that trajectory demands attention that goes beyond individual IT budgets.
The practical path forward is not glamorous, but it is clear. Air-gapped backups, those physically disconnected from any network, remain one of the most reliable defences because AI-driven ransomware requires network connectivity to function effectively, making air-gapped systems far harder to compromise. Immutable backups, which cannot be modified or deleted for a set period, mean that even if ransomware infiltrates a system, it cannot corrupt those backups, and many modern backup solutions offer this feature. Regular restoration tests, not just existence checks, are essential; an untested backup is a false promise. Organisations that rely on the Australian Cyber Security Centre's Essential Eight framework already have guidance pointing in this direction, though genuine compliance remains uneven across the public and private sectors.
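The difference between a restoration test and an existence check, shown as an added example that is not drawn from any vendor's product or from the sources cited in this article: a manifest of SHA-256 digests is recorded at backup time, and a test restore is then compared against it. The function names, the sample files and the 7.5 bits-per-byte entropy threshold are assumptions chosen for illustration.

```python
import hashlib, math, os, tempfile
from collections import Counter
from pathlib import Path

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; ciphertext sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def build_manifest(root: Path) -> dict:
    """Record relative path -> SHA-256 at backup time; keep it out of band."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify_restore(manifest: dict, restored: Path, threshold: float = 7.5) -> dict:
    """Compare a test restore to the manifest, not just to 'the file exists'."""
    report = {"missing": [], "modified": [], "high_entropy": []}
    for rel, digest in manifest.items():
        f = restored / rel
        if not f.is_file():
            report["missing"].append(rel)
            continue
        data = f.read_bytes()
        if hashlib.sha256(data).hexdigest() != digest:
            report["modified"].append(rel)
            if entropy(data) > threshold:  # looks encrypted, not merely edited
                report["high_entropy"].append(rel)
    return report

def demo() -> dict:
    """Constructed sample: one file silently replaced, one absent from the restore."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "source"), Path(tmp, "restore")
        src.mkdir(); dst.mkdir()
        files = {"a.txt": b"quarterly report\n" * 50,
                 "b.csv": b"id,amount\n1,100\n" * 50,
                 "c.txt": b"meeting notes\n" * 50}
        for name, body in files.items():
            (src / name).write_bytes(body)
        manifest = build_manifest(src)
        (dst / "a.txt").write_bytes(files["a.txt"])    # restored intact
        (dst / "b.csv").write_bytes(os.urandom(8192))  # random bytes standing in for ciphertext
        return verify_restore(manifest, dst)           # c.txt was never restored

if __name__ == "__main__":
    print(demo())
```

An existence check would pass `b.csv` because the name is present; only the digest comparison shows the restore point is unusable. The manifest has to be stored where the backup host cannot rewrite it, otherwise it can be altered together with the data.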
The honest conclusion is that there are genuine trade-offs here. Strong backup discipline costs money and requires ongoing governance that smaller organisations and resource-constrained government agencies find difficult to sustain. Critics of heavy regulatory mandates are right that blanket compliance regimes can burden small businesses without meaningfully reducing risk. At the same time, the threat data is unambiguous: in a world where a 2025 MIT study of 2,800 incidents found that 80% of ransomware attacks now leverage AI tools, treating encrypted backups as a static, set-and-forget solution is no longer defensible. Reasonable people can disagree about how much regulation is appropriate, but the evidence base for upgrading backup strategies is now beyond serious dispute.