Trends and threats from the past year, with insights to protect your organization.
Stay prepared for the year ahead with a look-back at the cyber threats that had the most impact in 2025. Insights from the report include:
- Ransomware victim numbers hit a new all-time high. 2,287 ransomware victims were posted in Q4 2025 alone — the largest number recorded in a single quarter since the report’s inception.
- The number of threat groups has reached record levels. 124 distinct ransomware groups were active in 2025, the highest ever recorded and a 46% year-over-year increase.
- The United States remains a top geographic target for ransomware attacks. In 2025, more than half (55%) of ransomware victims were based in the U.S.
- A new RaaS leader has emerged. Qilin’s activity levels in 2025 were the highest of any group ever observed.
- The Manufacturing industry was most heavily impacted by ransomware, accounting for 14% of attacks. The Technology (9%) and Retail/Wholesale (7%) industries followed closely behind.
- High ransomware activity levels should continue in 2026. December 2025 was the most active month for claimed ransomware victims on record with 814 successful attacks — a 42% year-over-year increase.
Understand the tactics, motivations and emerging behaviors of ransomware groups and cybercriminals. Discover where the threat landscape is headed, how attackers are evolving and what it means for your security strategy.
