VendorsNCC Group
NCC Group
Cybersecurity reports and statistics published by NCC Group
8 categories6 reports
Research Reports
Reports and publications from NCC Group
Operational technology faces heightened cyber risk, with the industrials sector experiencing thousands of attacks per year
5/13/2026
NCC Group Monthly Threat Pulse – Review of June 2025
7/23/2025
NCC Group Monthly Threat Pulse – Review of May 2025
6/25/2025
Monthly Threat Pulse – Review of March 2025
4/24/2025
Monthly Threat Pulse – Review of February 2025
3/19/2025
NCC Group Monthly Threat Pulse – Review of December 2024
1/1/2025
Recent Statistics & Reports
In the 12 months from March 2025, industrial organisations accounted for 29.6% of all ransomware activity on average.
5/27/2026•
RansomwareIndustrial Security
Within capital goods, machinery experienced 442 ransomware attacks and construction and engineering experienced 394 ransomware attacks in the 12 months from March 2025.
5/27/2026•
RansomwareMachineryConstruction
Industrial organisations experienced 2,073 ransomware attacks in the 12 months from March 2025.
5/27/2026•
RansomwareIndustrial Security
Capital goods organisations experienced 1,192 ransomware attacks in the 12 months from March 2025.
5/27/2026•
RansomwareManufacturingCapital Goods
North America remained the hardest-hit region, accounting for 58% of all global ransomware attacks (215 cases) in June 2025.
7/23/2025•
RansomwareNorth America
Healthcare ranked third in June 2025 with 42 ransomware attacks, nearly doubling from 22 in May.
7/23/2025•
RansomwareHealthcare
Play dropped to third place of most active threat groups in June 2025 with 29 attacks.
7/23/2025•
RansomwarePlayThreat actors
Qilin was the most active threat group in June 2025, responsible for 16% of all attacks, which amounted to 60 cases.
7/23/2025•
RansomwareQilinThreat actors
Europe experienced an 8% drop in June 2025, accounting for 21% of ransomware attacks (79 cases). This was fewer than half the number recorded in North America.
7/23/2025•
RansomwareEurope
South America had a 4% share of ransomware attacks (15 cases) in June 2025.
7/23/2025•
RansomwareSouth America
Qilin saw a significant rise in Q2 2025 with 151 attacks, up from 95 attacks in Q1.
7/23/2025•
RansomwareQilinThreat actors
SafePay dropped to fourth place of most active threat groups in June 2025 with 27 attacks.
7/23/2025•
RansomwareSafePayThreat actors
Ransomware attacks in the Consumer Discretionary sector (including retail) fell significantly from 102 in May 2025 to 76 in June 2025.
7/23/2025•
RansomwareConsumer discretionary
The Handala ransomware group, a pro-Palestine group, targeted 17 Israeli organisations between 14th and 30th June 2025. These attacks coincided with the 12-day Iran-Israel war.
7/23/2025•
RansomwareHandalaThreat actors
North America was responsible for 52% of ransomware attacks across Q2 2025.
7/23/2025•
RansomwareNorth America
Overall, 79% of all global ransomware cases in June 2025 took place in North America and Europe combined
7/23/2025•
RansomwareNorth AmericaEurope
Qilin ranked as the third most active threat group in May 2025 with 42 attacks.
7/23/2025•
RansomwareQilinThreat actors
Industrials represented nearly a third (30%) of all ransomware attacks in Q2.
7/23/2025•
RansomwareIndustrials
Asia had a 12% share of ransomware attacks (43 cases) in June 2025.
7/23/2025•
RansomwareAsia
The Information Technology sector came fourth in June with 33 ransomware attacks.
7/23/2025•
RansomwareInformation Technology
Showing 1-20 of 77 results