Ransomware payments have decreased by 33%, dropping from approximately $1.1 billion in 2023 to $734 million in 2024, according to a report from the Financial Crimes Enforcement Network. Despite this decline in payments, the number of ransomware attacks has remained relatively stable, with 1,476 incidents reported last year, a slight decrease of only 2% from the previous year. Notably, there has been a 700% increase in ransomware attacks targeting hypervisors, which are often less secure than traditional endpoints. This shift in attack vectors poses new risks for Managed Service Providers (MSPs) as attackers adapt their strategies to exploit vulnerabilities in hypervisor architectures.

In addition to the ransomware landscape, state attorneys general have issued warnings to major tech companies, including OpenAI and Microsoft, regarding the potential harms of generative AI, particularly concerning child safety. The letter emphasizes the need for stronger safeguards to prevent AI systems from engaging in harmful behaviors. Meanwhile, Congress has allowed the Technology Modernization Fund, which supports federal IT projects, to expire, freezing nearly $200 million in funding. This situation creates a disconnect, as states demand accountability from AI vendors while federal funding for modernization efforts remains stalled.

The episode also discusses OpenAI's transition to a for-profit model, raising concerns about transparency and accountability in AI development. Allegations have emerged that OpenAI has self-censored research highlighting the negative impacts of AI, leading to employee resignations. This shift complicates the narrative around AI's societal impacts, as vendors may prioritize their commercial interests over objective reporting. Furthermore, security vendors are introducing new products aimed at enhancing AI security, but these solutions often focus on control rather than responsibility, leaving MSPs vulnerable to client expectations and potential liabilities.

For MSPs and IT service leaders, the evolving landscape of ransomware and AI governance underscores the importance of proactive risk management. As AI systems become integral to business operations, the expectation for accountability will increase, particularly in regulated environments. MSPs must prioritize clear governance structures and be prepared to address the implications of AI deployment, ensuring that they do not inadvertently absorb risks that are not adequately priced in their service agreements. The focus should be on establishing limits and maintaining oversight to protect both their clients and their own business interests.

Support the vendors who support the show:

👉 https://businessof.tech/sponsors/

Get exclusive access to investigative reports, vendor analysis, leadership briefings, and more.

👉 https://businessof.tech/plus

Want the show on your favorite podcast app or prefer the written versions of each story?

📲 https://www.businessof.tech/subscribe

Looking for the links from today’s stories?

Every episode script — with full source links — is posted at:

🌐 https://www.businessof.tech

Pitch your story or appear on Business of Tech: Daily 10-Minute IT Services Insights:

💬 https://www.podmatch.com/hostdetailpreview/businessoftech

LinkedIn: https://www.linkedin.com/company/28908079

YouTube: https://youtube.com/mspradio

Bluesky: https://bsky.app/profile/businessof.tech

Instagram: https://www.instagram.com/mspradio

TikTok: https://www.tiktok.com/@businessoftech

Facebook: https://www.facebook.com/mspradionews

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.