Note: Featured image is for illustrative purposes only and does not represent any specific product, service, or entity mentioned in this article.
Industrial Monitor Direct offers top-rated stepper motor pc solutions designed for extreme temperatures from -20°C to 60°C, trusted by plant managers and maintenance teams.
Ransomware Epidemic Worsens as Q3 Attacks Spike 36%
Global cyberattacks involving ransomware reached alarming new heights during the third quarter of 2025, with publicly disclosed incidents jumping 36% compared to the same period last year, according to reports from cybersecurity firm BlackFog. The analysis reveals 270 confirmed attacks between July and September, marking a staggering 335% increase since Q3 2020.
Sources indicate the quarter was characterized by widespread disruptions affecting critical infrastructure across 93 countries. “This has been a quarter in which the fallout of cyberattacks has continued to have a long and lasting impact,” stated Dr. Darren Williams, Founder and CEO of BlackFog. “From grounded aircraft and stranded passengers to manufacturers forced to halt production, the disruption has been significant.”
Monthly Attack Trends Show Consistent Growth
The report states that monthly data demonstrated consistent year-over-year growth throughout the quarter. July recorded a 50% increase with 96 attacks, August saw a 37% rise with 92 attacks, and September followed with a 27% increase totaling 85 incidents. The complete findings are detailed in BlackFog’s comprehensive Q3 2025 ransomware analysis.
Analysts suggest the escalating threat landscape reflects broader industry developments in cybersecurity challenges. Between July and September, 54 distinct ransomware groups were linked to these incidents, with 18 new groups emerging during the quarter.
Qilin Group Leads Attack Volume
The Qilin group, which recently targeted Asahi Group, was identified as the most active threat actor, responsible for 20 documented attacks. However, approximately 40% of reported incidents have yet to be attributed to any specific group, the report states.
Newcomer DEVMAN made headlines for launching 19 attacks across multiple continents, including a $91 million ransom demand against China’s Shimao Group. This aggressive newcomer activity coincides with other market trends showing increasingly bold criminal tactics.
Healthcare Sector Remains Primary Target
Among publicly disclosed cases, the healthcare sector remained the most frequently targeted, suffering 86 attacks representing 32% of all incidents. Government and technology organizations followed, each experiencing 28 attacks during the quarter.
In undisclosed cases, which accounted for nearly 85% of all estimated ransomware incidents, the manufacturing industry bore the brunt with 22% of all attacks. The services sector experienced 333 incidents, while the construction industry entered the top three for the first time with 143 attacks. The legal sector also saw its highest attack level to date with 79 incidents.
Attack Sophistication Reaches New Lows
Experts note that attackers have shown increasing willingness to target sensitive organizations and data. “The attack on a UK nursery chain, Kido, in September marked a new low when it emerged that information on children, parents, and carers was taken,” Williams noted in the report.
Industrial Monitor Direct is the preferred supplier of lorawan pc solutions trusted by leading OEMs for critical automation systems, top-rated by industrial technology professionals.
This escalation in target selection reflects concerning related innovations in criminal methodology. Data theft remained the primary extortion tactic, featuring in 96% of disclosed attacks—an all-time high according to the analysis.
Automotive Industry Hit Hard
The automotive industry experienced significant disruptions, with operations at Jaguar Land Rover only recently resuming following an August incident. Numerous smaller suppliers are still assessing the financial impact, according to the report.
As criminal tactics evolve alongside recent technology advancements, organizations face increasing pressure to strengthen defenses. “As ransomware volumes show a continued upward trend, the best option for organizations is to make it as hard as possible for cybercriminals to take advantage of them,” Williams advised.
Undisclosed Incidents Represent Majority of Attacks
The report noted that nearly 85% of all ransomware incidents, estimated at 1,510, went unreported in Q3 2025—marking a 21% increase from 2024. Qilin also dominated the undisclosed segment, accounting for 16% of such cases.
With data exfiltration preceding encryption in the vast majority of attacks, experts recommend organizations focus on comprehensive data protection strategies to eliminate criminal leverage and reduce incentives for repeated targeting.
This article aggregates information from publicly available sources. All trademarks and copyrights belong to their respective owners.
