Summary
Key Points:
- The French Cybersecurity Agency (ANSSI) reported a decline in ransomware attacks in 2025, with 128 incidents compared to 141 in 2024, attributed to effective law enforcement and cybersecurity interventions.
- Ransomware remains a significant threat, particularly targeting small and medium businesses (SMBs), healthcare, and education sectors. Notable strains include Qilin (21%) and LockBit 3.0 (5%).
- Continued vigilance is recommended, as data exfiltration incidents are rising, and the merging tactics of nation-state actors with cybercriminals complicate threat attribution.
Technical Details: The report highlights the emergence of new ransomware strains like Nova and Warlock, alongside established ones. The agency's proactive measures, including Operation Endgame, have disrupted ransomware operations significantly.
MITRE ATT&CK Techniques:
- None mentioned
IOCs Mentioned:
- None mentioned
Join the discussion — sign up to comment, upvote, and save articles.