According to NCC Group research, ransomware attacks fell by 31% in April, with 416 cases. This was the second consecutive month where ransomware attacks dropped, following a record-breaking start to the year.
But while numbers fell, cybercriminals remained active, with targeted strikes continuing across key industries and regions.
“While the number of reported ransomware victims declined further in April, it would be a mistake to assume that this is a sign that the threat is fading. The recent attacks on the UK retail sector have laid bare just how disruptive and far-reaching these incidents can be. This is only a glimpse of the broader threat landscape. Globally, many ransomware cases still fly under the radar, and are under-reported or deliberately kept quiet,” says Matt Hull, head of threat intelligence at NCC Group. “Geopolitical and economic uncertainty is also adding fuel to the fire, providing more lucrative targets and opportunities for attackers to strike. And with increasingly convincing methods of attacks, such as weaponized PDFs, it’s only getting harder for individuals and organizations who need to be forever alert. In this climate, a strong and embedded security culture is no longer optional; it is a critical enabler of organizational resilience. It’s more important than ever for organizations to maintain a strong security culture, respond quickly to emerging threats, and adapt to shifting tactics, all the while staying ahead of adversaries that never stop evolving.”
Key takeaways:
· Despite the number of consumer discretionary attacks falling month on month, the targets impacted have been both high profile and consequential. Ransomware has been a hot topic in April, notably in the UK, with major retailers and supermarkets of interest to threat actors given the high cost of disrupting payment systems and operations, the value of customer data, and the potential for high payouts.
· Industrials remained the most targeted sector with 32% of attacks in April (133). Despite high-profile attacks on retailers, consumer discretionary came second with 73 attacks, a notable decline from March (124).
· North America continues to bear the brunt with 51% of global attacks (211). With 27% of attacks (110), Europe experience nearly half as many incidents as North America. Asia saw smaller shares with 12% of attacks (51), followed by South America with 5% of attacks (21).
· The rise of AI is complicating attack methods, generating more realistic lures, while the shift to remote work continues to blur the line between personal and professional device security.
