KELA recently unveiled their Escalating Ransomware Threats to National Security report, revealing a 34 percent year-over-year increase in ransomware attacks targeting critical industries between January and September 2025. Nearly half of all global ransomware incidents struck sectors essential to national resilience — including manufacturing, energy and transportation.
"Ransomware operations should be understood not solely as financially motivated attacks but also as tactical instruments, capable of disrupting victim operations while inflicting financial and reputational damage. In critical industries, such disruptions can have national-level consequences," said Lin Levi, Threat Intelligence Team Lead. "
Key Findings from KELA's Report:
- 50 percent of all attacks targeted critical infrastructure sectors, representing a 34 percent year-over-year increase in ransomware attacks targeting critical industries.
- Manufacturing saw the sharpest growth, with attacks surging 61 percent year-over-year.
- The United States was hit hardest, experiencing roughly 21 percent of all global ransomware activity, followed by Canada, Germany, the U.K., and Italy.
- Out of 103 active ransomware groups, just five — Qilin, Clop, Akira, Play, and SafePay — accounted for nearly 25 percent of all incidents.
To download the full report, visit KELA's website.
