Surge of 34% in Global Ransomware Attacks Targeting Critical Industries in 2025
Global Ransomware Attacks Surge by 34% in Critical Industries
In a recent report titled "Escalating Ransomware Threats to National Security," KELA, a prominent name in cyber threat intelligence, has revealed alarming data indicating a 34% surge in ransomware attacks aimed at critical industries within the first nine months of 2025. This surge brings significant concern, illustrating the increasing dangers posed by cybercriminals to essential sectors of the economy.
Key Findings of the Report
Between January and September 2025, a total of 4,701 ransomware incidents were recorded globally. This is a significant increase from 3,219 incidents reported during the same timeframe in 2024. Nearly 50% of these attacks, which equates to 2,332, targeted critical infrastructure sectors that are key to national resilience, such as manufacturing, healthcare, energy, transportation, and finance. The findings highlight the growing urgency for organizations and governments alike to address cybersecurity threats seriously.
According to Lin Levi, the Threat Intelligence Team Lead at KELA, ransomware operations should be considered not just as financially motivated attacks, but as tactical strategies aimed at disrupting operations while inflicting both financial and reputational damage. The report emphasizes that disruptions in critical industries can result in consequences at a national level, undermining vital operations and eroding public trust.
Sector-Specific Increases
Manufacturing emerged as the sector with the most substantial increase in attacks, experiencing a staggering 61% year-over-year growth in ransomware incidents. The United States was particularly hard hit, suffering approximately 1,000 attacks, which accounts for 21% of the global ransomware activity. Following the U.S. were Canada, Germany, the U.K., and Italy, all of which reported significant ransomware activity as well.
Professionalization of Cybercriminal Ecosystems
The report outlines a troubling trend regarding the professionalization and consolidation of cybercriminal networks. Among 103 active ransomware groups, just five groups — Qilin, Clop, Akira, Play, and SafePay — were responsible for nearly 25% of all attacks. This indicates a shift towards well-organized cybercriminal entities capable of conducting high-impact attacks.
Recommendations for Mitigation
To protect vital services from these escalating threats, organizations and government bodies must prioritize proactive measures. Continuous real-time monitoring is crucial for detecting and responding to cyber threats effectively. KELA urges sectors critical to national security to acknowledge the severity of ransomware risks and put in place comprehensive security strategies that can adapt to the evolving landscape of cyber threats.
Conclusion
The 34% increase in ransomware attacks against critical sectors in 2025 underscores the urgent need for enhanced cybersecurity measures. As cybercriminals become more sophisticated and organized, the imperative for continuous vigilance and preparedness in addressing these threats has never been more essential. To gain deeper insights and strategies for effective defense, organizations are encouraged to download the full report available on KELA’s website.
Topics Consumer Technology)
【About Using Articles】
You can freely use the title and article content by linking to the page where the article is posted.
※ Images cannot be used.
【About Links】
Links are free to use.