VendorsBlack Kite
Black Kite
Cybersecurity reports and statistics published by Black Kite
8 categories9 reports
Research Reports
Reports and publications from Black Kite
2026 State of Financial Services: The Dual Storm of Ransomware and Vendor Ecosystem Risk
6/3/2026
2026 Supply Chain Vulnerability Report
5/19/2026
2026 Third-Party Breach Report: Managing Risk Concentration in the Era of Cascading Failures
3/7/2026
2025 Manufacturing Report: Why Your Supply Chain is Your Biggest Cyber Risk
10/8/2025
2025 State of Financial Services: Hidden Dangers in the Vendor Ecosystem
7/10/2025
2025 Ransomware Report How Ransomware Wars Threaten Third-Party Cyber Ecosystems
5/13/2025
2025 Supply Chain Vulnerability Report
4/8/2025
Healthcare Under Ransomware Attack
1/1/2025
Healthcare Under Ransomware Attack
1/1/2025
Recent Statistics & Reports
65% of third-party vendors are not maintaining current patch levels, which exposes financial institutions to inherited risk from known vulnerabilities (CVEs) and potentially unpatched zero-day vulnerabilities in legacy technologies.
7/10/2025•
FinancialThird-party vendorsVulnerabilities
Ransom payment values declined by 35%.
5/13/2025•
RansomwareRansom
There are now 96 active ransomware groups.
5/13/2025•
RansomwareThreat group
52 entirely new ransomware groups emerged in the last year.
5/13/2025•
RansomwareThreat group
Publicly disclosed ransomware victims climbed to 6,046. This represents a 24% increase year over year for publicly disclosed victims. The victim count has also more than doubled since 2023.
5/13/2025•
Ransomware
The number of publicly disclosed victims saw a 25% increase from the previous year (between April 2024 and March 2025)2. This follows an 81% surge in the period before that.
5/13/2025•
Ransomware
Small and mid-sized businesses (SMBs) in the $4M-$8M range were the most frequently targeted.
5/13/2025•
RansomwareSMBs
Ransomware was responsible for 67% of known third-party breaches.
5/13/2025•
RansomwareThird-party
There has been a 123% increase in ransomware attacks over two years.
5/13/2025•
Ransomware
A significant portion of vulnerabilities were weaponized within days of disclosure.
4/8/2025•
CVEsVulnerabilities
Over 4,400 of the disclosed CVEs in 2024 were classified as critical (CVSS 9.0+).
4/8/2025•
CVEsCVSSVulnerabilities
There was a 38% year-over-year increase in published CVEs.
4/8/2025•
CVEsVulnerabilities
Over 40,000 CVEs were disclosed in 2024.
4/8/2025•
CVEsVulnerabilities
Over 20,000 of the disclosed CVEs in 2024 had a CVSS score of 7.0 or higher.
4/8/2025•
CVEsCVSSVulnerabilities
Many of 2024's most exploited vulnerabilities were found in widely used third-party software rather than internally developed applications
4/8/2025•
CVEsVulnerabilitiesThird-party
General medical and surgical hospitals are the second-most-targeted industry group by ransomware, making up 22% of healthcare victims, followed by other health professionals offices, such as dentists and outpatient centres.
1/1/2025
There were 66 ransomware healthcare victims in Q1 2024, 87 healthcare victims in Q2 2024, 99 healthcare victims in Q3 2024, and 121 healthcare victims in Q4 2024.
1/1/2025•
RansomwareHealthcare
Healthcare is the third-most-targeted industry by ransomware groups, behind manufacturing and professional services.
1/1/2025
There were 66 ransomware healthcare victims in Q1 2024, 87 healthcare victims in Q2 2024, 99 healthcare victims in Q3 2024, and 121 healthcare victims in Q4 2024.
1/1/2025•
RansomwareHealthcare
There was a total of 374 tracked healthcare ransomware attacks in 2024.
1/1/2025•
RansomwareHealthcare
Showing 41-60 of 74 results