Ransomware attacks spiked in October 2025, with more than 700 organizations sustaining attacks, according to a new report from Cyfirma.
“In October 2025, ransomware activity surged globally, marking a significant resurgence after a period of mid-year stability,” the report says.
“Victim counts climbed to 738, driven by renewed campaigns from leading operators and the emergence of several new groups. Qilin more than doubled its attacks to 181 victims, while Sinobi expanded sixfold, signaling aggressive growth among established actors. At the same time, new entrants such as Black Shrantac, Coinbase Cartel, and GENESIS intensified the threat landscape, collectively contributing to a rise in targeted data extortion campaigns.”
Attackers focused primarily on sectors and organizations that suffer the most from downtime, with a heavy focus on the United States.
“Industries most affected included Professional Services, Manufacturing, Information Technology, and Healthcare, with attackers focusing on sectors offering high disruption potential and ransom leverage,” the researchers write. “Geographically, the United States remained the epicenter of global ransomware activity, followed by Canada, France, and Germany, while expanding campaigns across Asia and the Middle East signaled a broader international reach.”
The researchers offer the following advice to help organizations defend themselves against ransomware attacks:
- “Strengthen cybersecurity measures: Invest in robust cybersecurity solutions, including advanced threat detection and prevention tools, to proactively defend against evolving ransomware threats.
- Employee training and awareness: Conduct regular cybersecurity training for employees to educate them about phishing, social engineering, and safe online practices to minimize the risk of ransomware infections.
- Incident response planning: Develop and regularly update a comprehensive incident response plan to ensure a swift and effective response in case of a ransomware attack, reducing the potential impact and downtime.”
AI-powered security awareness training can give your organization an essential layer of defense against cyberattacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.
Cyfirma has the story.
