InfoSunrise – Daily Insights Across Tech, Travel, Lifestyle & More

Latest News, Trends & Expert Picks in One Place

Tech

Ransomware Attacks Surge 47% in 2025, Hitting U.S. Firms Hardest

Byadmin

Oct 17, 2025 #5G technology, #AI technology, #artificial intelligence, #augmented reality, #best laptops, #best tech apps, #blockchain, #cloud computing, #cryptocurrency, #cybersecurity, #digital transformation, #emerging tech, #future technology, #iOS vs Android, #latest inventions, #latest tech news, #machine learning, #new gadgets, #robotics, #smart home devices, #smartphones, #software updates, #tech, #tech comparisons, #tech industry news, #tech innovations, #tech reviews, #tech startups, #tech tips and tricks, #tech trends, #tech tutorials, #technology, #top tech of 2025, #virtual reality, #wearable tech

Ransomware activity has risen sharply in 2025, with cybercriminals striking thousands of companies worldwide and US-based firms facing the heaviest losses.

Between January and September, researchers at cybersecurity firm NordStellar[1] tracked more than 6,300 ransomware cases on the dark web, a jump of nearly 47 percent compared with the same period last year. The data, drawn from over 200 blogs run by ransomware operators, paints a worrying picture of how widespread and organized these attacks have become.

US Firms Remain the Primary Targets

The United States accounted for more than half of all identifiable incidents in the third quarter, recording 686 cases out of about 1,274 where victim locations were confirmed. Canada, Germany, the United Kingdom, and France followed at a distance. Analysts link this concentration to the large number of public and profitable businesses based in the US, coupled with regulatory pressure that often pushes companies to settle incidents swiftly to limit operational damage.

Manufacturing Tops the List of Affected Industries

The manufacturing sector suffered the most in recent months, with 245 reported cases between July and September. High production costs and dependence on complex supply chains make manufacturers more vulnerable, especially when older systems remain unpatched or rely heavily on third-party vendors.

Other industries heavily hit include professional and technical services, information technology, construction, and financial services. Businesses in these sectors tend to handle valuable data or essential systems, which increases the appeal for ransomware operators.

Smaller Companies Face Growing Risk

Small and medium-sized businesses continue to be prime targets, particularly those with fewer than 200 employees and annual revenues between $5 million and $25 million. Limited cybersecurity budgets and less-developed IT infrastructure make them easier to infiltrate. Many lack the resources to investigate incidents thoroughly or report them to authorities.

Attackers often assume that these companies will pay ransoms faster to avoid prolonged downtime, data loss, or reputational damage that could otherwise cripple their operations.

Ransomware Gangs Behind the Spike

Longstanding criminal groups continue to dominate the ransomware landscape. The Qilin syndicate led activity in the third quarter with more than 240 incidents, followed by Akira, INC Ransom, Play, and Safepay.

While Qilin, Akira, and Play have been active for several years, newer players such as Safepay have rapidly gained ground since late 2024.
The rise of ransomware-as-a-service (RaaS), where developers lease malicious software and infrastructure to affiliates… has also fueled the surge. This model lowers the entry barrier for attackers and helps criminal networks expand faster.

How Companies Can Strengthen Defenses

NordStellar’s data suggests that the persistence of ransomware reflects how profitable the model remains. Many organizations, even after paying the ransom, struggle to regain full access to their systems or risk facing a second demand.

Experts advise firms to focus on proactive protection rather than recovery alone. That means implementing cybersecurity training to identify phishing scams, enforcing multi-factor authentication, and adopting strong password management systems.
Monitoring external vulnerabilities, scanning for leaked data on the dark web, and keeping critical backups stored separately from main networks can also reduce exposure.
As more companies adopt hybrid and remote work, the number of unmanaged devices and external connections continues to rise, expanding the attack surface. Regular checks for unknown vulnerabilities and stronger vendor security reviews are increasingly essential.

A Continuing Battle

The upward trend in ransomware attacks shows little sign of slowing. With over 1,900 incidents recorded in the third quarter alone, 2025 is shaping up to be one of the most active years for ransomware on record.

References

  1. ^ NordStellar (nordstellar.com)

By admin

Related Post

Tech

Kevin Rose’s simple test for AI hardware — would you want to punch someone in the face who’s wearing it?

Nov 3, 2025 admin
Tech

Alphabet is increasingly launching “moonshot” projects as independent companies — here’s why

Nov 3, 2025 admin
Tech

Sequoia’s Roelof Botha warns founders about chasing sky-high valuations as the firm doubles down on its selective approach

Nov 2, 2025 admin

You missed

Travel

Worse than expected: Thousands of delays, 5-hour backups plague airports this weekend

November 9, 2025 admin
Travel

Marriott Bonvoy Bold vs. Hilton Honors American Express Card: Comparing hotel cards with no annual fee

November 9, 2025 admin
Travel

From Alaska to New York City, here are our 10 favorite Christmas markets in the US

November 9, 2025 admin
Travel

Best Alaska cruisetours to book right now

November 9, 2025 admin