CyberSecStats #9 - Monthly stats round-up [March/April 2025]

Hello!👋🏼Laura from CyberSecStats here with a monthly email of the latest cybersecurity market statistics pulled from recent vendor reports and research papers. 

All of the statistics and data points below were published by cybersecurity vendors in the past month (March/April 2025). 

🦠 Ransomware

1. Ransomware payloads in phishing attacks rose by 22.6% over 6 months, with a 57.5% increase in just 3 months. (KnowBe4)
2. Only 29% of security professionals are prepared for ransomware attacks. (Ivanti) 
3. Global levels of ransomware attacks increased month-on-month and year-on-year in February 2025. (NCC Group)
4. Cl0p was responsible for 330 attacks in February 2025, a 460% increase from January (59). (NCC Group)
5. 83% of all ransomware cases globally took place in North America and Europe in February 2025. (NCC Group)
6. Ransom payments declined by 35% in Q1 2025. (Ontinue)
7. Most ransomware claims in 2024 started with threat actors compromising perimeter security appliances (58%), like virtual private networks (VPNs) or firewalls. (Coalition)
8. Remote desktop products were the second-most exploited vector for ransomware attacks in 2024, at 18%. (Coalition)
9. Across all ransomware claims in 2024, the most common initial access vectors (IAVs) were stolen credentials (47%) and software exploits (29%). (Coalition)

📬Email threats

10. 11% of email threats evaded gateway security in Q4 2024. (HP Wolf Security) 
11. 53% of threats targeting endpoints were delivered by email in Q4 2024. (HP Wolf Security)