How Ransomware Wars Threaten Third-Party Cyber Ecosystems
Written by: The Black Kite Research & Intelligence Team (BRITE) led by Ferhat Dikbiyik, Chief Research & Intelligence Officer
Although ransomware payments are down for the 12 months we studied (April 2024 – March 2025), there’s no slowdown of ransomware attacks to report.
In fact, ransomware attacks surged by 24% this past year, with small and mid-sized businesses becoming the primary targets. As major syndicates collapsed, a wave of new, less coordinated groups emerged, introducing more chaos to the landscape and increasingly leveraging supply chain vulnerabilities.
You’ll learn:
- The Evolving Threat Landscape: Understand how the past year reshaped the ransomware battlefield.
- Critical Attack Data: Analyze trends in victim numbers, geography, and industry impact.
- Supply Chain Vulnerabilities: Learn about ransomware’s increasing focus on third-party vendors.
- The Clop’s Cleo Campaign: A detailed case study in mass exploitation.
- Proactive Risk Mitigation: Pinpoint ransomware risk with third-party risk intelligence.
- The Fall of Giants: Examine the collapse of LockBit & AlphV and the resulting power shift.
- Top Threat Actors: Profiles of the most active and emerging ransomware groups.
- Legal and Operational Responses: Understand the fight against ransomware.
- AI’s Impact on Attacks: How artificial intelligence is changing ransomware methods.
- Future Trends and Recommendations: Prepare for what’s next in the ransomware wars.
The ransomware threat hasn’t disappeared—it has fractured and multiplied. With more actors, less predictability, and deeper entanglement in supply chains, organizations must shift from reactive defenses to proactive intelligence and third-party monitoring. As the battlefield changes, so must the strategy.
No download required