GRIT 2025 Q1 Ransomware & Cyber Threat Report

The industries most heavily impacted by ransomware in Q1 2025 were manufacturing, retail, and technology. Notably, the non-profit sector saw a dramatic surge in ransomware attacks, with incidents doubling quarter-over-quarter .

The first quarter of 2025 saw a record high in ransomware attacks, with 2,063 victims reported. This represents a 102% increase compared to the previous year.

There was also a record high number of active threat groups, with 70 identified in Q1 2025. This is a 55.5% year-over-year rise.

There was a 75% increase in actively exploited flaws compared to the same period in 2024, with 12,333 vulnerabilities reported in Q1 alone .

Geographically, 59% of observed ransomware victims in Q1 2025 were based in The United States, which is the highest proportion seen to date.

There was also a record high number of active threat groups, with 70 identified in Q1 2025. This is a 55.5% year-over-year rise.