- Ransomware attacks rose 50% in 2025 with 5,967 incidents reported globally
- Manufacturing was the most targeted sector for ransomware attacks this year
- Geopolitical conflicts drove 40,000+ hacktivist data leaks affecting 41,400 domains
There has been a significant escalation in cyber threats worldwide, with ransomware attacks up 50% year-over-year and data breaches reaching second-highest levels on record, a new cybersecurity report by Cyble Inc. shows.
The report noted that India-Pakistan tensions earlier this year generated 1.5 million intrusion attempts. Furthermore, vulnerabilities in enterprise technologies by Microsoft, Apple, Cisco, and Oracle were among the most frequently affected.
Ransomware Landscape Transformation
As per the report, Akira emerged as the second-most prolific ransomware group behind Qilin, conducting campaigns throughout 2025 with particular focus on construction, manufacturing, and professional services sectors.
The CL0P hacker group spiked in late February, posting hundreds of victims in a single wave. The campaign predominantly targeted consumer goods, transportation & logistics, and IT sectors through exploitation of enterprise file transfer software.
Key ransomware statistics include:
5,967 total ransomware attacks in 2025 (50% increase year-over-year).
Manufacturing sector most targeted.
Construction, professional services, healthcare, and IT among top five targets.
31 incidents affected critical infrastructure.
Data Breaches Hit Near-Record Levels
Government and law enforcement agencies accounted for 998 data breaches (16.5% of total), followed by banking, financial services, and insurance with 634 incidents. Combined, these sectors represented over 25% of all breaches, reflecting the focus on high-value targets.
Underground Access Market Fuelling Cybercrime
Analysis of 3,013 compromised access sales revealed targeting of data-rich industries:
Retail sector most targeted (594 incidents, nearly 20% of total).
BFSI second most impacted (284 incidents).
Government third highest (175 incidents).
Zero-Day And Known Exploited Vulnerabilities Drive Attack Surge
Critical vulnerabilities in widely-deployed enterprise technologies served as primary initial access vectors throughout 2025. Over 86% of CISA's Known Exploited Vulnerabilities catalogue entries showed CVSS ratings of 7.0 or higher, with vendors including Microsoft, Fortinet, Apple, Cisco, and Oracle most frequently affected, according to the report.
Rising Geopolitical Hacktivism
Cyble documented over 40,000 data leak and dump posts from hacktivist groups, impacting more than 41,400 unique domains across all major industries. Activity was predominantly driven by geopolitical conflicts, particularly:
India-Pakistan tensions generated 1.5 million intrusion attempts.
Israel-Iran conflict sparked cyber operations by 74 hacktivist groups.
North Korea's IT worker fraud schemes infiltrated global companies.
DDoS attacks, website defacements, and data breaches targeted government and critical infrastructure.
Watch LIVE TV, Get Stock Market Updates, Top Business, IPO and Latest News on NDTV Profit.
