Ransomware

Most ransomware attacks occur during weekends and holidays, times of distraction or disruption when the majority of SOCs are not adequately staffed.

A new report from Semperis finds that 52 percent of surveyed organizations in the US, UK, France, Germany, Italy, Spain, Singapore, Canada, Australia and New Zealand were targeted at holidays or weekends.

New research from Sophos into ransomware in the retail industry shows that among organizations that had data encrypted, 58 percent paid the ransom to get their data back -- the second highest payment rate in five years.

The survey, of 361 retail IT and cybersecurity leaders across 16 countries, also finds that 46 percent of attacks began with an unknown security gap, while 30 percent exploited known vulnerabilities. 58 percent of victims with encrypted data paid, however, only 48 percent of attacks resulted in encryption. The median ransom demand doubled to $2 million from 2024 and average payment increased five percent to $1 million.

European organizations are encountering ransomware at a record pace, according to CrowdStrike’s 2025 European Threat Landscape Report. The new study found that Europe accounted for nearly 22 percent of global ransomware and extortion victims, second only to the US.

With attacks taking just 24 hours on average, the report shows a worryingly aggressive and complex threat for businesses and governments across the region.

A new report shows that organizations taking longer than nine hours to address an email security breach have a 79 percent chance of also being a victim of ransomware.

The study from Barracuda, based on a survey of 2,000 IT decision makers carried out by Vanson Bourne, also finds that most of the organizations surveyed (78 percent) experienced an email breach in the previous 12 months, with the average cost to recover reaching $217,068.

Trellix has published its latest CyberThreat Report: October 2025, highlighting a clear rise in the use of AI-powered tools and malware by cybercriminals.

Drawing on global threat intelligence gathered between April and September 2025, the report explores how automation, geopolitics, and AI are reshaping modern attack methods.

A new study from OpenText of nearly 1,800 global IT and security leaders shows a false sense of confidence in ransomware readiness.

The report shows that 95 percent of respondents say they’re confident in their ransomware recovery -- yet only 15 percent of those attacked have fully recovered their data.

ESET has added new ransomware recovery and scam protection capabilities to its consumer and small business products. The security firm's latest offerings, ESET HOME Security and ESET Small Business Security, bring its enterprise-grade Ransomware Remediation feature to homes and small offices for the first time.

Ransomware incidents remain among the most damaging forms of cybercrime worldwide. ESET’s Ransomware Remediation system automatically creates encrypted backups when a threat is detected, so that users can restore any affected files once the attack has been neutralized, hopefully minimizing downtime and data loss.

The frequency of ransomware attacks has dropped from eight incidents per organization to five or six incidents in the last year, but at the same time the average ransomware payment has surged by more than a million dollars, from $2.5M to $3.6M.

A new Global Threat Landscape report from ExtraHop, based on research by Censuswide, finds threat actors are shifting away from broad, indiscriminate attacks to a more targeted approach that yields better results.

New data from BlackFog shows publicly disclosed ransomware attacks continued to set new records in the third quarter of this year, with 270 attacks -- a 36 percent increase compared to the same quarter in 2024 (198 attacks). This also represents a 335 percent increase since Q3 2020, underscoring the continued rise in attacks over the last five years.

Between July and September, publicly disclosed attacks were attributed to 54 ransomware groups. As in Q2, the Qilin ransomware gang was the most active, responsible for 20 incidents during the period. Notably, approximately 40 percent (107) of reported attacks have not yet been attributed to any known ransomware group.

Cybercrime has become a global epidemic, with costs soaring across sectors and borders. But who’s paying the price and how has that changed since the turn of the century?

Researchers from vpnMentor have analyzed 25 years of FBI Internet Crime Complaint Center (IC3) data along with a review of major global incidents to discover the cost of cybercrime and how it’s evolving.

New research from Comparitech, based on data from its worldwide ransomware tracker, finds a 30 percent rise in ransomware attacks on healthcare businesses in the first nine months of 2025.

It recorded 293 ransomware attacks on hospitals, clinics, and other direct care providers -- a similar number to 2024 -- but there were a further 130 attacks on businesses operating within the healthcare sector, such as pharmaceutical/medical manufacturers, medical billing providers, and healthcare tech companies.

The Scattered Spider group seems to have switched from high-profile attacks on UK retailers to new campaigns targeting the insurance sector. The group has recently been linked to ransomware incidents affecting US-based Philadelphia Insurance and Erie Insurance, which operates in both the UK and the US.

We spoke to Danny Howett, technical director at global cybersecurity consultancy CyXcel, to discuss why insurance is such an attractive target and some practical steps insurers can take to shore up their defences against increasingly organised cybercriminals.

Phishing has overtaken all other vectors as the leading entry point for ransomware, cited by 35 percent of affected organizations, up sharply from 25 percent in 2024.

This is one of the findings of a new report from SpyCloud which also shows that 85 percent of organizations were affected by ransomware at least once in the past year, with nearly a third (31 percent) reporting six to 10 ransomware events in the last year.

A new report from risk solutions company Resilience shows in the first half of 2025, the average cost of an individual ransomware attack rose by 17 percent, while the volume of incurred claims across Resilience's portfolio dropped by 53 percent, highlighting the persistent and destructive threat of financially motivated cybercrime.

Ransomware accounted for almost all (91 percent) of incurred losses, while financially motivated social engineering, especially via tailored attacks bolstered by AI-powered phishing content, fueled 88 percent.

New data from Check Point Research reveals a sharp rise in cyberattacks globally, with business services, healthcare, and manufacturing among the hardest hit sectors.

Ransomware incidents in particular have surged, with 487 attacks reported in July, a 41 percent increase year-on-year. North America accounted for 56 percent of all reported ransomware cases, followed by Europe at 24 percent.