Skip to main content

KELA

Cybersecurity reports and statistics published by KELA

8 categories5 reports

Recent Statistics & Reports

From January 1 to September 1, 2025, there were 4,701 recorded ransomware incidents, with 2,332 incidents (50%) targeting critical sectors such as manufacturing, healthcare, energy, transportation, and financial services.

10/21/2025
Ransomwarecritical infrastructuremanufacturing

From January 1 to September 1, 2024, there were 3,219 total recorded ransomware incidents, with 1,745 incidents (54%) targeting critical sectors.

10/21/2025
Ransomwarecritical infrastructure

Ransomware attacks against the manufacturing sector surged from 520 incidents in 2024 to 838 incidents in 2025, marking a 61% increase.

10/21/2025
Ransomwaremanufacturing

In 2025, Italy experienced 74 ransomware incidents, representing 1.6% of all attacks.

10/21/2025
RansomwareItalyGeography

2.67 million machines were infected by infostealer malware in H1 2025. This led to more than 204 million compromised credentials being observed.

8/4/2025
InfostealerCompromised credentials

Both infostealer infections and compromised credentials are on track to surpass 2024 figures, which saw over 4.3 million machines infected with approximately 330 million compromised credentials. This indicates a 24% increase YoY in these areas.

8/4/2025
InfostealerCompromised credentials

3,662 ransomware victims were tracked globally by KELA in the first half of 2025. This represents a 54% increase year-over-year (YoY) compared to the first half of 2024, as KELA tracked a total of 5,230 victims in all of 2024.

8/4/2025
Ransomware

The United States accounted for over half of all ransomware victims in H1 2025.

8/4/2025
RansomwareUS

Clop ransomware experienced a 2,300% increase in victim claims, which was driven by the exploitation of a vulnerability in Cleo software.

8/4/2025
RansomwareClop

The average time between credentials being found and the reported ransomware attack was 2.5 weeks

4/29/2025
CredentialsCredential theftRansomware

Infostealer activity has surged by 266% in recent years.

4/29/2025
Infostealer

Credentials for victims of the Play, Akira, and Rhysida ransomware groups were found on cybercrime marketplaces between 5 and 95 days prior to the reported attack.

4/29/2025
CredentialsCredential theftRansomware

Among the roles most vulnerable to credential theft, 28% were in Project Management, followed by Consulting (12%) and Software Development (10.7%).

4/29/2025
CredentialsCredential theft

KELA's platform recorded a 200% increase in mentions of malicious AI tools and tactics in 2024.

3/25/2025
AI

KELA found a 200% surge in cybercriminals seeking AI to launch attacks.

3/25/2025
AICyber attack

KELA found a 200% surge in cybercriminals seeking AI to launch attacks.

3/25/2025
AICyber attack

There was a 52% increase in discussions related to jailbreaking methods on cybercrime forums in 2024 compared to the previous year.

3/25/2025
Jailbreaking

Over 330 million compromised credentials were linked to infostealer malware.

2/1/2025

Over 200 new hacktivist groups emerged, conducting more than 3,500 distributed denial-of-service (DDoS) attacks

2/1/2025

3.9 billion credentials were shared in the form of credentials lists (ULP files).

2/1/2025

Showing 21-40 of 42 results