Ransomware activity holds steady in July

Security Brief Asia reports that global ransomware incidents remained largely steady in July, with 376 cases recorded worldwide, just a 1% increase from June, according to NCC Group's latest threat intelligence report. While the numbers suggest stability, experts warn against complacency, noting that ransomware activity remains highly disruptive. The industrial sector was the most targeted, accounting for 27% of attacks, followed by consumer discretionary businesses, IT, and healthcare. The report identified INC Ransom as the most active group, responsible for 14% of incidents, with activity sharply rising since May and including strikes on critical national infrastructure. Other notable actors included Qilin and Safepay, each at 11%, and Akira with 10%. Geographically, North America bore the brunt, representing 54% of global cases, while Europe, Asia, and South America trailed behind. Analysts also highlighted geopolitical tensions, including U.S.-China trade disputes, the Russia-Ukraine conflict, and unrest in the Middle East, as factors likely to shape future cyber risks. "Now is not the time for complacency," cautioned Matt Hull, NCC Group's Global Head of Threat Intelligence.