#United Kingdom #Boston #Cyber Risk #Ransomware #Black Kite

Black Kite's 2026 European Cyber Risk Report: A Deep Dive

In June 2026, Black Kite published its inaugural European Cyber Risk Report focusing on the alarming rise in ransomware incidents across the continent. The findings indicate a staggering 55.1% increase in ransomware attacks from the previous year, highlighting a growing concern for organizations across Europe. This report comes at a critical time as cyber threats evolve and regulations become stricter.

Key Insights

According to the report, Germany, the United Kingdom, France, Italy, and Spain accounted for nearly 70% of all ransomware incidents in Europe, with Germany being the most targeted nation. The data emphasizes how cyber risks are particularly concentrated in Europe’s largest markets. Furthermore, with the rise of interconnected supply chains, third-party vulnerabilities are becoming critical pathways for attackers, illustrating the urgency for organizations to address third-party risk management actively.

Dr. Ferhat Dikbiyik, Chief Research and Intelligence Officer at Black Kite, noted that these three forces—accelerating ransomware, the importance of supply chains in cyberattacks, and rising regulatory requirements—converge to create a unique challenge for European organizations. As frameworks like NIS2 and DORA demand a deeper understanding of cyber risks across supplier ecosystems, organizations must adapt and respond proactively to manage these threats effectively.

Escalating Ransomware Activity

Black Kite's thorough research tracked publicly disclosed incidents of ransomware affecting European organizations from January 2025 to April 2026. The statistics show that ransomware attacks climbed significantly, reaching an average of 171 incidents per month in early 2026. This surge underscores the urgent need for organizations to bolster their cybersecurity frameworks and ensure thorough assessments of risks associated with their vendors and suppliers.

One of the most significant findings was the identification of various ransomware groups, with Qilin emerging as the most active group, responsible for attacks across 26 out of 31 countries analyzed in the report. In contrast, the ransomware group SafePay concentrated its efforts on German organizations, further reflecting how some attackers prefer targeting specific markets over broader strategies.

Third-Party Risks on the Rise

The findings highlighted the impact of third-party vulnerabilities. Throughout 2025 and 2026, many European organizations found themselves victims of ransomware incidents linked to their suppliers. The most noteworthy case involved the August 2025 compromise of Miljödata, a Swedish software supplier, which resulted in the data exposure of more than one million individuals. This incident alone affected around 250 organizations, showcasing the far-reaching consequences of a single supplier breach.

With vendor vulnerabilities becoming a central focus, organizations spent considerable resources defending against attacks on both their systems and those emerging from their supply chain dependencies. This shift in focus reinforces the notion that understanding and mitigating third-party risks is no longer a peripheral concern, but rather a critical component of an organization’s overall cybersecurity strategy.

Report Findings and Implications

The report's comprehensive analysis not only shed light on the growing ransomware threat landscape but also reflects broader implications that organizations may face as regulatory pressure increases. Critical sectors like manufacturing and professional services, particularly IT service providers, endured the brunt of these ransomware incidents; such patterns suggest a systemic risk where primary supplier targets can put multiple clients at significant risk.

To effectively respond to these evolving threats, organizations are increasingly expected to demonstrate oversight and understanding of cyber risks present in their vendor ecosystems. Black Kite’s suite of services aims to offer insights necessary for organizations to gain visibility into their third-party risks—helping them mitigate vulnerabilities and respond to threats based on real-time data.

In conclusion, the growing landscape of cyber threats emphasizes the need for organizations to not only bolster their internal defenses but also secure the entire supply chain ecosystem. Black Kite's report serves as a roadmap for enhancing cyber resilience in the face of escalating ransomware attacks across Europe.

For more insightful details from the report or to participate in upcoming discussions about these critical topics, visit Black Kite. Attend the July 22 webinar titled “Europe's Cyber Risk Equation” for deeper insights into navigating this transformed cyber landscape.