"Qilin was the most active ransomware group in 2025 with 1,022 attacks, accounting for 13 percent of the total. The group operates via a franchise-like Ransomware-as-a-Service model: affiliates arrange initial access, while the core operators manage negotiations and publications of the leaked data."
"Noteworthy is the decline of LockBit 3.0. The group, which had been dominant for years, fell completely out of the top ten after sustained international police action. At the same time, AI-driven tools and standardized ransomware kits lowered the threshold for less technically savvy attackers."
"The industrial sector was the most frequent target: 2,190 attacks, an increase of 54 percent compared to 2024. The attack on Jaguar Land Rover led to a production shutdown of more than a month and losses of more than $890 million."
Ransomware attacks surged 50 percent globally in 2025, reaching 7,874 incidents according to NCC Group's Annual Threat Intelligence Report. Qilin emerged as the most active group with 1,022 attacks, operating through a franchise-like Ransomware-as-a-Service model. Akira and CL0P followed in second and third positions. LockBit 3.0, previously dominant for years, disappeared from the top ten following sustained international police action. The industrial sector experienced the highest attack volume with 2,190 incidents, a 54 percent increase from 2024. February and December recorded peak activity, with 1,093 and 788 attacks respectively. AI-driven tools and standardized ransomware kits lowered technical barriers for attackers.
#ransomware-attacks #qilin-ransomware-group #industrial-sector-targeting #ransomware-as-a-service #cybersecurity-threats
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]