GuidePoint Security announced today the release of the GuidePoint Research and Intelligence Team’s (GRIT) annual Ransomware & Cyber Threat Report.
The GRIT 2026 Ransomware & Cyber Threat Report provides exclusive in-depth research, insights and analysis on a year of record-breaking ransomware activity, examining who cybercriminals are targeting (and why), the top tactics threat actors are using and how shifting ransomware group dynamics are redefining the threat landscape.
Findings from this year’s report include:
- Ransomware victim numbers hit a new all-time high. 2,287 ransomware victims were posted in Q4 2025 alone — the largest number recorded in a single quarter since the report’s inception.
- The number of threat groups has reached record levels. 124 distinct ransomware groups were active in 2025, the highest ever recorded and a 46% year-over-year increase.
- The United States remains a top geographic target for ransomware attacks. In 2025, more than half (55%) of ransomware victims were based in the U.S.
- A new RaaS leader has emerged. Qilin’s activity levels in 2025 were the highest of any group ever observed.
- The Manufacturing industry was most heavily impacted by ransomware, accounting for 14% of attacks. The Technology (9%) and Retail/Wholesale (7%) industries followed closely behind.
- High ransomware activity levels should continue in 2026. December 2025 was the most active month for claimed ransomware victims on record with 814 successful attacks — a 42% year-over-year increase.
The report also explores the growing use of AI in ransomware attacks, examines the impact of zero-day vulnerabilities on ransomware and takes an in-depth look at major ransomware operators throughout the year, including an analysis of ransomware payments made to the Qilin and Akira groups.
The GRIT 2026 Ransomware & Cyber Threat Report is based on data obtained from publicly available resources, vendor threat research, internal incident response case data and open-source intelligence collected from illicit forums and marketplaces.
Like this:
Like Loading...
Related
This entry was posted on January 15, 2026 at 9:00 am and is filed under Commentary with tags GuidePoint. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Ransomware Victims and Threat Groups Surge to Record Levels, GuidePoint Security Finds
GuidePoint Security announced today the release of the GuidePoint Research and Intelligence Team’s (GRIT) annual Ransomware & Cyber Threat Report.
The GRIT 2026 Ransomware & Cyber Threat Report provides exclusive in-depth research, insights and analysis on a year of record-breaking ransomware activity, examining who cybercriminals are targeting (and why), the top tactics threat actors are using and how shifting ransomware group dynamics are redefining the threat landscape.
Findings from this year’s report include:
The report also explores the growing use of AI in ransomware attacks, examines the impact of zero-day vulnerabilities on ransomware and takes an in-depth look at major ransomware operators throughout the year, including an analysis of ransomware payments made to the Qilin and Akira groups.
The GRIT 2026 Ransomware & Cyber Threat Report is based on data obtained from publicly available resources, vendor threat research, internal incident response case data and open-source intelligence collected from illicit forums and marketplaces.
Share this:
Like this:
Related
This entry was posted on January 15, 2026 at 9:00 am and is filed under Commentary with tags GuidePoint. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.