Attacks involving ransomware were discovered by NCC Group to have totaled 600 in March which is 32% lower than in February but 46% higher than the same month last year with the month-to-month decline believed by NCC Head of Threat Intelligence Matt Hull to be a "red herring" after the recent surge in intrusions, Infosecurity Magazine reports.
Forty-eight percent of all ransomware incidents last month were aimed at North America, which is expected to face increased intrusions amid ongoing geopolitical tensions between the U.S. and Canada, findings from the firm's Threat Pulse report revealed. Meanwhile, most attacks last month were attributed to the Babuk2 threat operation, which is not linked to the original Babuk ransomware gang, but the group's legitimacy has been in question due to its failure to provide evidence of compromise. NCC Group researchers also reported that Clop continued to be the most active ransomware group during the first three months of 2025, followed by Akira, RansomHub, Babuk2, and Qilin.
Forty-eight percent of all ransomware incidents last month were aimed at North America, which is expected to face increased intrusions amid ongoing geopolitical tensions between the U.S. and Canada, findings from the firm's Threat Pulse report revealed. Meanwhile, most attacks last month were attributed to the Babuk2 threat operation, which is not linked to the original Babuk ransomware gang, but the group's legitimacy has been in question due to its failure to provide evidence of compromise. NCC Group researchers also reported that Clop continued to be the most active ransomware group during the first three months of 2025, followed by Akira, RansomHub, Babuk2, and Qilin.
