Ransomware Attack On European Organizations Surge As Hackers...

European organizations are facing an unprecedented wave of ransomware attacks as cybercriminals increasingly integrate artificial intelligence tools into their operations.

Since January 2024, big game hunting threat actors have named approximately 2,100 Europe-based victims on more than 100 dedicated leak sites, representing a 13% year-over-year increase in attacks.

The region now accounts for nearly 22% of all global ransomware victims tracked, making it the second most targeted region after North America.

Organizations in the United Kingdom, Germany, Italy, France, and Spain have borne the brunt of these attacks, with manufacturing, professional services, and technology sectors experiencing the heaviest losses.

The surge in ransomware activity across Europe stems from several factors that make the region particularly attractive to threat actors.

Cybercriminals have weaponized the European Union’s General Data Protection Regulation, threatening to report victims for regulatory noncompliance during ransom negotiations.

The financial incentive remains substantial, as Europe hosts five of the world’s ten most valuable companies, enabling threat actors to demand significant ransoms based on organizational revenue.

Additionally, some adversaries have expressed political motivations, with certain groups supporting geopolitical conflicts and cooperating with hybrid threat actors for mutual benefit.

CrowdStrike researchers noted that adversaries are employing increasingly sophisticated tactics to maximize their impact.

During the reporting period from January 2024 to September 2025, threat actors heavily utilized credential dumping from backup and restore configuration databases, which often contain access to hypervisor infrastructure.

Source: Cybersecurity News