Global Ransomware Attacks Surge, Endangering 50% of Critical Industries and Threatening National Security
Published on October 22, 2025
- Significant increase: Ransomware attacks targeting critical industries have surged by 34% year-over-year in the first nine months of 2025.
- Widespread impact: Globally, almost 5,000 ransomware incidents were recorded in 2025, with 50% of these attacks striking critical infrastructure sectors.
- Geographic concentration: The U.S. was the most targeted nation, accounting for 21% of all global ransomware incidents, or approximately 1,000 attacks.
A significant escalation in global ransomware attacks, with a 34% year-over-year increase in incidents targeting critical industries between January and September 2025. The data indicates that half of the 4,701 ransomware attacks recorded during this period were aimed at sectors essential to national resilience, including manufacturing, healthcare, energy, and transportation.
This dramatic rise underscores the evolving nature of ransomware, which is increasingly viewed not just as a financial crime but as a tactical weapon capable of causing national-level disruptions.
Key Sectors and Threat Actors Driving the Surge
The manufacturing sector experienced the most dramatic increase, with attacks surging by 61% (838 incidents) compared to the same period in the previous year. High-profile incidents, such as those involving Jaguar Land Rover and Bridgestone, highlight the growing vulnerability of industrial supply chains to cyber disruption.
Geographically, the U.S. was the primary target, bearing the brunt of approximately 1,000 attacks. Following the U.S. were Canada, Germany, the U.K., and Italy, a new report from cyber threat intelligence firm KELA reveals.
The cyber threat intelligence report also points to a consolidation within the cybercriminal ecosystem. Out of 103 active ransomware groups, just five were responsible for nearly a quarter of all incidents, indicating a high degree of professionalization among top-tier threat actors:
Qilin recently targeted the Shamir Medical Center in Israel, while Cl0p was linked to the recent Oracle EBS vulnerability exploits.
Implications for Critical Industries Cybersecurity
The ransomware surge in 2025 serves as a critical warning for both governments and private sector organizations responsible for critical industries’ cybersecurity. The ability of these attacks to disrupt essential services and erode public trust elevates them to a national security concern.
Experts emphasize the necessity of shifting toward proactive and preventative measures. Continuous, real-time monitoring and a deep understanding of the threat landscape are crucial for detecting and responding to these sophisticated threats before they can inflict significant financial and operational damage.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular