Articles about Ransomware

The number of active ransomware groups has jumped 45 percent in the past year, according to a new report from GuidePoint Security’s GRIT team.

Covering Q2 2025, the report outlines how cybercriminals are regrouping, rebranding and using recycled tools to launch fresh attacks across industries.

Continue reading →

There are large numbers of ransomware groups operating around the world, some of which have been conducting their nefarious work for years. There are older which are rather less long in the tooth, such as the recently formed SatanLock.

The group has been in existence for mere months, popping up in April this year. Responsible for a spate of attacks over a number of weeks, the ransomware group has announced that it is already shutting up shop. More than this, it plans to leak any data it has stolen.

Continue reading →

A new study from Comparitech, based on data collected from 2,600 attacks between 2018 and 2023, shows the average time for a US company to report a data breach following a ransomware attack is 4.1 months.

From 2018 to 2023, the average time to report a ransomware breach has increased, rising from 2.1 months in 2018 to just over five months in 2023. Healthcare has the lowest reporting time with 3.7 months, while businesses (4.2 months) and government entities (4.1 months) are similar.

Continue reading →

The conventional formula for maintaining business continuity in the face of unexpected IT disruptions is as follows: Back up your data. Make a recovery plan. Test the recovery plan periodically.

That approach may work well enough if your primary concern is defending against risks like server failures or data center outages caused by natural disasters. But in the present age of widespread ransomware attacks, conventional backup and recovery planning aren’t always enough.

Continue reading →

Between April 2024 and March 2025, ransomware attacks escalated with unpredictable campaigns across a wide range of industries. The number of publicly disclosed victims also saw a 24 percent increase from the previous year.

A new report from Black Kite shows this follows a steep rise in the previous period with an 81 percent surge, amounting to a 123 percent increase over two years. Ransomware was responsible for 67 percent of known third-party breaches.

Continue reading →

On today's International Anti-Ransomware Day, cybersecurity company SentinelOne has publishes a blog looking at on how ransomware has evolved over the past 10 years.

It highlights how Ransomware-as-a-Service (RaaS) has matured into a scalable, profit-driven model, with revenue-sharing, affiliate recruitment, and performance incentives fuelling rapid expansion across the cybercrime ecosystem.

Continue reading →

New analysis by Comparitech shows that government entities remain a frequent target for ransomware gangs.

Of the 39 confirmed attacks -- where the organization publicly acknowledges what's happened -- in April, 21 were on businesses, nine on government entities, six on healthcare companies and three on educational institutions.

Continue reading →

Cybercriminals are pivoting to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises have declined.

These are among the findings of a new report from IBM X-Force which also observes an 84 percent increase in emails delivering infostealers in 2024 compared to the previous year, a method threat actors rely heavily on to scale identity attacks.

Continue reading →

Ransomware attacks reached a historic high in the first quarter of this year, with 2,063 victims reported, a 102 percent increase compared to the previous year.

The report from GuidePoint Security also records a record high number of active threat groups, with 70 identified in Q1, reflecting a 55.5 percent year-on-year rise.

Continue reading →

New findings from threat protection platform BlackFog show the first quarter of 2025 has seen record-breaking numbers of publicly disclosed ransomware attacks, marking a 45 percent increase compared to Q1 of 2024.

Analysis of ransomware activity in the period from January to March saw records set each month. Both January and February set new monthly records for disclosed attacks, with increases from 2024 of 22 percent and 36 percent, respectively while March recorded the largest number of disclosed attacks since BlackFog began tracking in 2020, with 107 attacks -- an 81 percent increase compared with March 2024.

Continue reading →

New research from Object First shows 81 percent of IT professionals say immutable backup storage built on Zero Trust principles is the best defense against ransomware, and 54 percent view target backup appliances as more secure than integrated appliances.

The report, produced with Informa TechTarget's Enterprise Strategy Group, finds two-thirds of organizations have suffered an attack, and 45 percent experienced multiple attacks. Moreover, 49 percent of affected organizations took up to five business days to recover, and most could not recover all of their data.

Continue reading →

The latest threat intelligence report from Ontinue finds a 132 percent surge in ransomware attacks, although ransom payments have declined by 35 percent, suggesting a shift in attacker strategies to double down on ransomware efforts.

Among other key trends, the report highlights the rapid rise of Adversary-in-the-Middle (AiTM) attacks, which have become a dominant method for stealing authentication tokens and bypassing multi-factor authentication (MFA).

Continue reading →

Ransomware attacks are increasingly targeting organizations across industries, with the potential to cause devastating financial, operational, and reputational damage.

We spoke to James Eason, practice lead for cyber risk and compliance at Integrity360, to get his insights into how executive boards can effectively prepare for such incidents.

Continue reading →

With enterprises relying increasingly on data stored on the cloud existing ransomware solutions designed for in-house storage often fall short. That can mean longer recover times which in turn can prove devastating for the business.

Cloud backup platform Eon is launching a new cloud-native package designed specifically to provide protection and recovery from ransomware attacks. Engineered for immediate recovery, Eon's platform is able to restore clean data in minutes, offering greater efficiency than other current market offerings.

Continue reading →

A new report from cyber insurance provider Coalition shows 58 percent of ransomware claims in 2024 started with threat actors compromising perimeter security appliances like virtual private networks (VPNs) or firewalls.

Remote desktop products are the second-most exploited for ransomware attacks at 18 percent. The most common initial access vectors (IAVs) being stolen credentials (47 percent) and software exploits (29 percent). Vendors including Fortinet, Cisco, SonicWall, Palo Alto Networks, and Microsoft build the most commonly compromised products.

Continue reading →