Annual Ransomware Retrospective: 2025 Insights & 2026 Expectations
The GRIT 2026 Ransomware & Cyber Threat Report documents the most active year for ransomware GRIT has ever recorded, including a 58% year-over-year increase in reported victims and a growing number of active threat groups. While law enforcement disruptions reshaped parts of the ransomware ecosystem, overall activity accelerated—driven by group fragmentation, faster attack cycles and increasingly repeatable operations.
In this session, you’ll learn:
- Why ransomware victim counts hit record highs in 2025
- How group fragmentation is driving higher attack volume
- What the rise of Qilin signals about where ransomware is headed
- Which industries and regions attackers focused on most
- How AI and vulnerability exploitation are accelerating attacks
Watch the GuidePoint Security’s Research and Intelligence Team (GRIT) walk through the GRIT 2026 Annual Report, focused on what these trends mean for incident responders, SOC analysts and detection engineering teams. We’ll connect the data to real-world response challenges and discuss where defenders are most likely to encounter ransomware activity in 2026.
GRIT Presenters:
- Jason Baker – Managing Security Consultant
- Grayson North – Principal Threat Intelligence Consultant
- Justin Timothy – Senior Threat Intelligence Consultant
- Nick Hyatt – Senior Threat Intelligence Consultant
