December 2024 saw an unprecedented surge in ransomware attacks, registering 574 incidents—the highest monthly total recorded since 2021. This spike came as shocking news, particularly as December typically experiences a decline in cyber activity due to the holiday season. According to the latest Threat Pulse report from the cybersecurity firm NCC Group, this trend underscores the evolving and increasingly aggressive nature of ransomware threats.

Northern America was the most affected region, suffering 52% of all attacks, translating to approximately 300 incidents. This was followed by Europe, accounting for 18% of the attacks, while South America noted a rise to 40 incidents, a slight increase from 35 the previous year. Asia experienced 16% of the attacks, almost paralleling European figures, signaling a growing global risk.

Particularly alarming is the emergence of new threat actors like Funksec, which experts warn could herald an even more volatile landscape for 2025. If such groups continue to adopt bolder tactics, we can expect an increase in frequency and severity of ransomware attacks across various sectors, heightening national security risks, especially when they target strategic industries.

The industrial sector bore the brunt of the assault, constituting 24% of all ransomware attempts in December. The report highlights a notable shift in tactics employed by the notorious Black Basta gang, which has moved from basic malware to sophisticated phishing attacks conducted via platforms like Teams and Skype, as well as employing botnets such as DarkGate and ZBot. These developments pose a severe threat, emphasizing the urgent need for companies to fortify their cybersecurity defenses in response to escalating dangers in the cyber landscape.