Thousands of companies fall victim to this particular cyberattack. Act now

Published: 16 October 2025
red hacker siluet, black CD drive, orange zeroes in lines,
Image by Cybernews.

Ransomware attacks have surged this year, and US-based companies remain the prime target for cybercriminals.

Over 6,000 ransomware cases were exposed on the dark web between January and September, a 47% increase from the previous year. And these are just the documented cases that cybersecurity company NordStellar found by continuously monitoring over 200 blogs operated by ransomware groups.

ADVERTISEMENT
Number of companies hit by ransomware

Unsurprisingly, US businesses took the most brutal hit.

"The US is home to numerous profitable public businesses, and this, coupled with strict regulations, makes these companies a higher-profile target for cyberattacks. Their potential for high profitability, combined with a higher likelihood of meeting ransomware demands to resolve incidents quickly, increases the chances of success for attackers," Vakaris Noreika, cybersecurity expert at NordStellar, is quoted as saying.

In Q3, the manufacturing industry was the most affected, with 245 reported cases. These companies are often inclined to give in to ransomware gangs’ demands as they face high operational downtime costs.

The most hit sectors

It seems that criminals favor smaller businesses, which can’t afford the cost of downtime, data loss, and reputational damage that a full-blown ransomware attack could cause.

"Ransomware actors usually perceive smaller businesses as lower-risk targets because they might lack a sophisticated IT infrastructure, operate on low cybersecurity budgets, and not have the means to investigate or report attacks to authorities," says Noreika.

Veteran ransomware gangs such as Qilin, Akira, and Play continue to dominate the cybercrime landscape.

ADVERTISEMENT
The most active ransomware gangs

How can you protect yourself from ransomware attacks?

  1. Organize cybersecurity training on phishing scams
  2. Introduce multi-factor authentication and a password management system
  3. Monitor for external vulnerabilities and any potential data leaks on the dark web that could lead to a more sophisticated attack
  4. Craft a recovery plan
  5. Back up critical data

"Another important factor is monitoring and addressing unknown cybersecurity gaps. With more businesses embracing hybrid or remote work models, introducing unmanaged devices and relying on third-party vendors, the attack surface is expanding, and any endpoint can be exploited," says Noreika.

Unlock exclusive Cybernews content on YouTube

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked