Skip to main content
VendorsBlack Kite

Black Kite

Cybersecurity reports and statistics published by Black Kite

8 categories9 reports

Recent Statistics & Reports

65% of third-party vendors are not maintaining current patch levels, which exposes financial institutions to inherited risk from known vulnerabilities (CVEs) and potentially unpatched zero-day vulnerabilities in legacy technologies.

7/10/2025
FinancialThird-party vendorsVulnerabilities

Ransom payment values declined by 35%.

5/13/2025
RansomwareRansom

There are now 96 active ransomware groups.

5/13/2025
RansomwareThreat group

52 entirely new ransomware groups emerged in the last year.

5/13/2025
RansomwareThreat group

Publicly disclosed ransomware victims climbed to 6,046. This represents a 24% increase year over year for publicly disclosed victims. The victim count has also more than doubled since 2023.

5/13/2025
Ransomware

The number of publicly disclosed victims saw a 25% increase from the previous year (between April 2024 and March 2025)2. This follows an 81% surge in the period before that.

5/13/2025
Ransomware

Small and mid-sized businesses (SMBs) in the $4M-$8M range were the most frequently targeted.

5/13/2025
RansomwareSMBs

Ransomware was responsible for 67% of known third-party breaches.

5/13/2025
RansomwareThird-party

There has been a 123% increase in ransomware attacks over two years.

5/13/2025
Ransomware

A significant portion of vulnerabilities were weaponized within days of disclosure.

4/8/2025
CVEsVulnerabilities

Over 4,400 of the disclosed CVEs in 2024 were classified as critical (CVSS 9.0+).

4/8/2025
CVEsCVSSVulnerabilities

There was a 38% year-over-year increase in published CVEs.

4/8/2025
CVEsVulnerabilities

Over 40,000 CVEs were disclosed in 2024.

4/8/2025
CVEsVulnerabilities

Over 20,000 of the disclosed CVEs in 2024 had a CVSS score of 7.0 or higher.

4/8/2025
CVEsCVSSVulnerabilities

Many of 2024's most exploited vulnerabilities were found in widely used third-party software rather than internally developed applications

4/8/2025
CVEsVulnerabilitiesThird-party

General medical and surgical hospitals are the second-most-targeted industry group by ransomware, making up 22% of healthcare victims, followed by other health professionals offices, such as dentists and outpatient centres.

1/1/2025

There were 66 ransomware healthcare victims in Q1 2024, 87 healthcare victims in Q2 2024, 99 healthcare victims in Q3 2024, and 121 healthcare victims in Q4 2024.

1/1/2025
RansomwareHealthcare

Healthcare is the third-most-targeted industry by ransomware groups, behind manufacturing and professional services.

1/1/2025

There were 66 ransomware healthcare victims in Q1 2024, 87 healthcare victims in Q2 2024, 99 healthcare victims in Q3 2024, and 121 healthcare victims in Q4 2024.

1/1/2025
RansomwareHealthcare

There was a total of 374 tracked healthcare ransomware attacks in 2024.

1/1/2025
RansomwareHealthcare

Showing 41-60 of 74 results