Ransomware attacks rose significantly in the first quarter of 2025, marking a 126% increase compared to 2024. The consumer goods and services sector was the hardest hit, making up 13.2% of all global ransomware incidents. Following this sector were business services at 9.8% and industrial manufacturing at 9.1%. This rise in attacks highlights the growing focus on industries with complex digital infrastructures and large customer data repositories.
Geographically, North America experienced the highest number of ransomware incidents, accounting for 62% of attacks worldwide. Europe followed with 21%, while the Asia-Pacific region, Latin America, and Africa made up 10%, 6%, and 1%, respectively. The disparity in attack distribution shows a global threat that disproportionately affects certain regions. The overall number of attacks across regions indicates an increase in targeted cybercrime activity, especially in the consumer goods and services sectors.
Cyberattack trends reveal a disturbing shift in ransomware tactics, with a rise in double-extortion schemes. Attackers are not only encrypting data but also threatening to release sensitive information unless ransom demands are met. These attacks typically begin with phishing campaigns aimed at exploiting vulnerabilities in supply chains. Malicious emails containing harmful links or attachments are the primary vector for initial access into targeted networks.
The structure of attacks against consumer goods companies is systematic, involving credential harvesting, privilege escalation, and data exfiltration before the ransomware payload is deployed. Many of these companies are targeted due to their vast digital ecosystems and the valuable data they hold. In some cases, ransom demands exceeded $2 million, with attackers often targeting firms with cyber insurance policies. This suggests a targeted approach, where attackers carefully assess their victims before launching the attacks.
Reference: