Ransomware attacks hit historic high in Q1 2025

Ransomware attacks

RICHMOND: Ransomware attacks surged to a record high in the first quarter of 2025, with victims increasing by 102% compared to the same period last year, according to a new report from cybersecurity firm GRIT. 

The quarterly GRIT report, released Wednesday, documented 2,063 ransomware victims in Q1, the highest number ever recorded. The findings also revealed a sharp rise in active threat groups, exploited vulnerabilities and attacks targeting critical industries. 

Key Findings: 

·         Ransomware attacks spiked 102% year-over-year, with 2,063 victims reported in Q1. 

·         A record 70 active threat groups were identified, marking a 55.5% increase from 2024. 

·         Exploited vulnerabilities jumped 75%, with 12,333 flaws reported in the first quarter. 

·         Manufacturing, retail and technology sectors were hardest hit, while nonprofits saw ransomware incidents double from the previous quarter. 

·         The U.S. accounted for 59% of observed victims, the highest proportion to date. 

“This record-breaking quarter was no coincidence,” said Grayson North, principal security consultant at GRIT.

“We’re tracking more active ransomware and extortion groups than ever before, with a noticeable rise in high-volume attacks from emerging players formed out of disrupted gangs, like LockBit and AlphV.” 

North warned that the surge could signal a worsening trend. “The pressing question now is whether this represents a short-term spike or the beginning of a dark year for ransomware victims,” he said. 

While historical data suggests a possible seasonal slowdown in attacks during the summer, North cautioned that the threat landscape remains unstable. “A single large-scale exploit—like those we’ve seen from Clop—could shift the ecosystem’s trajectory,” he said. “The conditions for another record-breaking year are firmly in place.” 

The GRIT report is based on publicly available data, including threat group disclosures and analyst insights into ransomware trends.  

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *