First quarter of 2025 sets record for ransomware attacks and threat groups
April 10, 2025 – Published on SiliconANGLE
A new report released today by GuidePoint Security finds that ransomware hit a record high in the first quarter of 2025, as the number of victims surged to more than 2,000 and the landscape became increasingly fragmented with 70 active threat groups.
The finding comes from the GRIT 2025 Q1 Ransomware & Cyber Threat Report, which found that there were 2,063 ransomware victims in the quarter, up 102% from the same quarter of 2024.
The rise in ransomware attacks has come at a time when the number of active ransomware and data extortion groups has reached a record high of 70, up from 60 in the fourth quarter of last year and 45 in the first quarter of 2024. The 55.5% year-over-year increase is said in the report to reflect a rapidly fragmenting threat landscape, with more distinct groups carrying out attacks than ever before.
The report interestingly notes the rise of what GuidePoint’s researchers call a “middle class” of ransomware operators that conduct steady campaigns at moderate volumes, such as Play, Lynx and Fog. The trend varies for previous years, where a handful of major players like LockBit or Alphv dominated the victim count.
Although smaller, less active ransomware players may not sound too bad, it’s not a positive development, as the report argues that the diversification of attackers makes the threat environment less centralized and more unpredictable.
Read More HERE.