Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Malvertising campaign targets Android users with advanced crypto-steal...
How are people in 15 countries leveraging AI for travel planning?
Insider threats cited alongside external attacks in terms of severity:...
How are people in 15 countries leveraging AI for travel planning?
North America financial institutions lead surge in financial regulator...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Resilience the true benchmark for smart infrastructure

      Resilience the true benchmark for smart infrastructure

      Wednesday, August 27, 2025, 8:21 PM Asia/Singapore | Features, IoT Security
    • Featured

      Deepfake a crisis of trust, not just technology

      Deepfake a crisis of trust, not just technology

      Tuesday, August 19, 2025, 10:06 AM Asia/Singapore | Features
    • Featured

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      Thursday, August 14, 2025, 12:26 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

News

Did law enforcement takedowns in Q2 2025 reduce ransomware attacks levels?

By CybersecAsia editors | Tuesday, August 5, 2025, 11:24 AM Asia/Singapore

Did law enforcement takedowns in Q2 2025 reduce ransomware attacks levels?

At least this is what the Q2 incident metrics of one cybersecurity firm suggests…

Based on its incident metrics for Q2 2025, a cybersecurity firm has released some trends for its user base during that period.

The quarterly figures for ransomware incidents reflect a 43% decline in attacks compared to those in Q1. In June , the firm’s data showed a 6% decrease in attacks, with 371 recorded cases.

The slowdown follows a surge in attacks recording in the firm’s Q1 metrics, driven by aggressive campaigns from dominant ransomware groups including Clop, RansomHub, and Akira. However, with  recent law enforcement efforts successfully disrupting some of these key operators, Clop and RansomHub incidents were no longer in the top 10 most active ransomware groups in the Q2 data.

Educated guesses also point to conflicts and rivalry between ransomware factions in May that could have resulted in disruption of cyberattacks, but correlation is not always causation.

Other cyber trends in Q2 2025
In terms of activity levels, Qilin was the most active ransomware group in the Q2 data, comprising 13% (151 incidents) of attacks in the data, compared to 95 incidents in Q1 2024. Other notable groups for Q2 2025 include Akira, Play, and SafePay.

  • In terms of targeted groups, industrials topped the firm’s data, accounting for 30% of attacks, followed by consumer discretionary (21%), information technology (10%), healthcare (8%), and financial services (6%).
  • North America remained the hardest-hit region among the firm’s customers, accounting for 58% of all global attacks (215) in June, and for 52% across Q2. Europe customer bases, on the other hand, had experienced an 8% drop in June with 21% of attacks (79). Asia had a 12% share of attacks (43), while South America followed with 4% (15).
  • One last trend noted in the data was the possible political messaging by ransomware groups: The Handala group (pro-Palestine actors) had targeted 17 Israeli organizations between 14 –  30 June 2025, coinciding with the 12-day Iran-Israel war. The attacks, which commenced the day after Israel’s strikes on Iran, were likely retaliatory in nature. This possible trend could spread to other groups of attackers in future.

According to Matt Hull, Global Head of Threat Intelligence, NCC Group, the firm releasing its Q2 data analysis: “While reported ransomware incidents declined in Q2, the ecosystem remains highly volatile with new groups emerging and existing groups adapting. Organizations must maintain robust cyber defenses to stay ahead.”

Share:

PreviousThree critical RCE flaws could have allowed malicious takeover of AI servers
NextInternet disruption trends in Q2 2025 surge amid infrastructure and political challenges

Related Posts

NTT Ltd expects to save US$5m annually after successful cloud migration test case

NTT Ltd expects to save US$5m annually after successful cloud migration test case

Monday, April 10, 2023

Molding the future of remote access in the pandemic era

Molding the future of remote access in the pandemic era

Wednesday, May 5, 2021

Congrats, you won the chance to be vaccinated first! Click here to register!

Congrats, you won the chance to be vaccinated first! Click here to register!

Tuesday, March 9, 2021

Critical remote code execution flaw found in open-source AI testing utility

Critical remote code execution flaw found in open-source AI testing utility

Friday, July 11, 2025

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more
  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.