The GuidePoint Researching & Intelligence Team (GRIT) is back with a new report highlighting the most impactful ransomware and cyber threats from Q3 2025. Here’s a snapshot of what the data reveals:
- 77 active ransomware groups in Q3 2025 (an all-time high)
- 1500-1600 emerging as a “new normal” baseline for publicly posted ransomware victims in a quarter
- Engineering and Education joined the “Top 10 most impacted” industries, giving Transportation, and Entertainment, Hospitality and Tourism, a brief respite
- 252 publicly claimed ransomware attacks targeting manufacturing in Q3 2025, a 26% increase over the prior quarter
- Qilin accounted for 15% of the total Q3 attack count, with 234 victims
- Akira claimed 150 ransomware victims in Q3, a 13% QoQ increase over Q2 (133) and 212% YoY increase (48)
- US increased its ransomware target count from the previous quarter to 56% (from 52.1%), solidifying its place as a top target
Understand the tactics, motivations, and emerging behaviors of ransomware groups and cybercriminals. Discover where the threat landscape is headed, how attackers are evolving, and what it means for your security strategy.
