New Report from GuidePoint Research and Intelligence Team (GRIT) Highlights 102% YoY Increase in Ransomware Victims, 56% YoY Increase in Number of Ransomware Groups

HERNDON, Va.: #cybersecurity--GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today the release of the quarterly GuidePoint Research and Intelligence Team (GRIT) Ransomware and Cyber Threat Report.

Covering the first quarter of 2025, the new GRIT 2025 Q1 Ransomware & Cyber Threat Report offers exclusive, detailed analysis of the evolving ransomware ecosystem, threat actor behaviors, and emerging cybercrime trends—including a historic high of 2,063 ransomware victims and 70 active ransomware groups.

"This record-breaking quarter was no coincidence," said Grayson North, Principal Security Consultant, GRIT. "We’re tracking more active ransomware and extortion groups than ever before, with a noticeable rise in high-volume attacks from emerging players formed out of disrupted gangs, like LockBit and AlphV. The pressing question now is whether this surge represents a residual short-term spike or the beginning of a dark year for ransomware victims."

The Ransomware and Cyber Threat Report also explores the Lazarus ByBit hack, the continued exploitation of web application vulnerabilities and global law enforcement efforts to dismantle the Ransomware-as-a-Service (RaaS) group 8Base.

Key findings from this quarter’s report include:

• Ransomware attacks reached a historic high in Q1 2025, with 2,063 victims reported—a staggering 102% increase compared to the previous year.
• A record high number of active threat groups, with 70 identified in Q1, reflecting a 55.5% year-over-year rise.
• A 75% increase in actively exploited flaws compared to the same period in 2024, with 12,333 vulnerabilities reported in Q1 alone.
• The manufacturing, retail, and technology industries were most heavily impacted by ransomware in Q1 2025. Notably, the non-profit sector saw a dramatic surge in ransomware attacks, with ransomware incidents doubling quarter-over-quarter.
• 59% of observed ransomware victims in Q1 2025 were based in The United States, the highest proportion seen to date.

"While historical trends suggest we could see a seasonal slowdown as we approach the summer, the threat landscape remains volatile," North added. "A single large-scale exploit—like those we've seen from Clop—could once again shift the ecosystem’s trajectory. The conditions for another record-breaking year are firmly in place. It’s now up to the defenders to change that narrative."

The Ransomware & Cyber Threat Report is based on data obtained from publicly available resources, including threat groups themselves, as well as threat analyst insights into the ransomware threat landscape.

For more information:

• Download the GRIT 2025 Q1 Ransomware & Cyber Threat Report
• Register for GRIT’s upcoming webinar
• Read our blog for more Q1 threat insights

About GuidePoint Security

GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled 40% of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Fonte: Business Wire