Black Kite Releases 2025 Ransomware Report, Revealing 123% Increase in Ransomware Attacks Over Two Years
New research finds dozens of new bad actors and growing unpredictability of attacks
BOSTON, May 13, 2025 /PRNewswire/ -- Black Kite, the leader in third-party cyber risk intelligence, today announced its newest report, 2025 Ransomware Report: How Ransomware Wars Threaten Third-Party Cyber Ecosystems, which provides a deep analysis of evolving ransomware trends and threats. The report found that threats have escalated with more actors, less predictability, and deeper entanglement in supply chains, underscoring an urgent need for organizations to implement intelligence-driven defenses and proactive vendor monitoring.
"Ransomware has evolved, not in sophistication but in strategy," said Ferhat Dikbiyik, Black Kite. "Since the fall of LockBit and AlphaV ransomware syndicates, the cybercriminal landscape has been defined by chaos and recalibration, with dozens of new actors that are unpredictable in how, where, and why. We are entering a new era of ransomware where the growth in victim count signals more than just an activity surge. There is a deeper shift in how ransomware groups operate and who they target, with small and mid-sized businesses becoming the new frontline. As the barriers are now lowered with less sophisticated but effective actors entering the field, organizations need to understand their cyber ecosystem risk by shifting their cybersecurity posture from visibility to anticipation and response to resilience."
Between April 2024 and March 2025, ransomware attacks escalated with unpredictable campaigns across a wide range of industries. As uncovered by Black Kite's Research & Intelligence Team (BRITE), the number of publicly disclosed victims saw a 25% increase from the previous year. This follows a steep rise in the previous period with an 81% surge, amounting to a 123% increase over two years. The year also saw a noticeable uptick in attacks against small and mid-sized businesses (SMBs) due to their less robust cybersecurity defenses and lower risks of retaliation, and a rise in supply chain warfare with attackers focused on third-party vendors where just one compromised provider can disrupt dozens to hundreds of downstream organizations. These incidents, often called silent breaches, can go unnoticed until their ripple effects halt operations across industries.
Leveraging data and machine learning, Black Kite's Ransomware Susceptibility Index® (RSI™) proved to be a critical signal. RSI is a numerical score between 0.0 and 1.0, with a higher score representing greater susceptibility to a ransomware attack. It goes beyond cyber risk metrics and provides a composite score that incorporates technical indicators and intrinsic risk factors. In fact, among organizations with an RSI above 0.8, nearly half (46%) were attacked, and most organizations showed rising RSI trends well before a breach.
The report's key findings include:
- Publicly disclosed ransomware victims climbed to 6,046, a 24% increase year over year, and more than doubled since 2023
- 52 entirely new groups emerged in the last year, resulting in 96 active ransomware groups
- Under-resourced, understaffed, and underprepared, SMBs ($4M-$8M) were the most frequently targeted
- Ransomware was responsible for 67% of known third-party breaches
- 46% of organizations with RSI greater than 0.8 experienced ransomware attacks
- With smaller, less sophisticated operators that often lack the infrastructure to run complex extortion operations, ransom payment values declined by 35%, but the overall impact has widened
Ransomware is no longer dominated by large syndicates. Today's organizations must contend with smaller groups that have less experience but the same intent: disrupt, extort, and repeat. While the tactics lack the sophistication of their predecessors and the targets are smaller, the volume and unpredictability of this new era of ransomware present a new set of challenges. Organizations must also defend against AI-driven ransomware, which enables attackers to bypass existing security systems and could evade detection, for example by analyzing EDR logs or monitoring incident response communications to adjust ransom demands.
Methodology
The findings in this report are the result of a comprehensive year-long investigation conducted by the Black Kite Research & Intelligence Team (BRITE), covering the period between April 1, 2024 and March 31, 2025. The methodology combines continuous monitoring of ransomware operations with detailed victim analysis and dark web intelligence gathering:
- BRITE monitored activity from over 150 ransomware groups, tracking their leak sites, extortion posts, and public disclosures. A group was considered "active" if it published at least one victim within the last 12 months. By March 2025, 96 groups met this threshold.
- A total of 6,046 victims were identified through leak site monitoring, cross-validated with open-source intelligence and internal telemetry. For each victim, BRITE analysts determined industry classification using NAICS codes, headquarters location by country, and estimated company size based on publicly available financials or trusted databases. BRITE also leveraged the Black Kite platform to assess each victim's cybersecurity posture before and after the incident, helping to identify patterns in susceptibility and exposure.
- To complement leak site tracking, BRITE actively monitored ransomware blogs, Telegram channels, and dark web forums to identify group narratives, affiliate activity, and coordination patterns. This enabled the team to detect new groups quickly and contextualize victim disclosures beyond surface-level postings.
About Black Kite
Black Kite gives organizations a comprehensive, real-time view into cyber ecosystem risk so they can make informed risk decisions and improve business resilience while continuously monitoring more vendors, partners, and suppliers in an ever-changing digital landscape. Through an automated process, and a combination of threat, business and risk information, Black Kite provides cyber risk intelligence that goes beyond a simple risk score or rating. Black Kite serves more than 3,000 customers in a wide range of industries and has received numerous industry awards and recognition from customers.
Learn more at www.blackkite.com, or on the Black Kite blog.
Media Contact:
Michelle Kearney
Hi-Touch PR
443-857-9468
kearney@hi-touchpr.com
View original content to download multimedia: https://www.prnewswire.com/news-releases/black-kite-releases-2025-ransomware-report-revealing-123-increase-in-ransomware-attacks-over-two-years-302452421.html
SOURCE Black Kite