Skip to main content

CYBERSTATS

Security Intelligence

Back to Home

Play Ransomware conducted an average of 30 attacks per month, peaking in October 2024 with at least 52 attacks10. Approximately 89.9 percent of Play Ransomware's victims were based in North America10. 24.7% of Play Ransomware's victims were in the manufacturing industry and 17.5% were in the construction industry.

ZeroFox
January 1, 2025
R&DEPlay RansomwareNorth AmericaManufacturing

Play Ransomware conducted an average of 30 attacks per month, peaking in October 2024 with at least 52 attacks10. Approximately 89.9 percent of Play Ransomware's victims were based in North America10. 24.7% of Play Ransomware's victims were in the manufacturing industry and 17.5% were in the construction industry. — This cybersecurity statistic was published by ZeroFox in January 2025. It covers topics including R&DE, Play Ransomware, North America, Manufacturing. The original data appears in Assessment: 2024 Ransomware and Digital Extortion Overview . For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 1/1/2025

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

Play Ransomware conducted an average of 30 attacks per month, peaking in October 2024 with at least 52 attacks10. Approximately 89.9 percent of Play Ransomware's victims were based in North America10. 24.7% of Play Ransomware's victims were in the manufacturing industry and 17.5% were in the construction industry. This data was published by ZeroFox and covers R&DE, Play Ransomware, North America, Manufacturing.

Where does this data come from?

This statistic comes from Assessment: 2024 Ransomware and Digital Extortion Overview , published by ZeroFox on January 1, 2025. You can view the original report at 2024 Ransomware and Digital Extortion Overview.

What cybersecurity topics does this cover?

This statistic relates to R&DE, Play Ransomware, North America, Manufacturing. Browse more statistics on R&DE or from ZeroFox.

Want More Statistics Like This?

Get the latest cybersecurity stats delivered to your inbox every week

Related Statistics

ZeroFox observed at least 4,950 separate ransomware and digital extortion (R&DE) incidents throughout 2024, which is significantly more than the approximately 4,000 incidents observed during 2023.

ZeroFox1/1/2025
RansomwareR&DE

The manufacturing industry was the most-targeted industry in R&DE incidents during 2024, accounting for approximately 17.7 percent of attacks globally.

ZeroFox1/1/2025
R&DEManufacturing

LockBit was responsible for a significantly lessened proportion of R&DE activity in 2024, due to early-2024 law enforcement (LE) disruption operations3. In 2023, LockBit accounted for over 820 separate incidents and approximately 20% of global R&DE activity4. In Q4 2024, LockBit accounted for just 1% of global R&DE5. LockBit added 175 victims to its leak site in May 2024.

ZeroFox1/1/2025
R&DELockBit

During 2023, 50 percent of global R&DE incidents were attributed to just five collectives, and 75 percent of incidents could be attributed to 14 collectives. However, during 2024, 50 percent of global R&DE incidents were attributed to eight collectives, with 20 collectives responsible for 75 percent of global incidents.

ZeroFox1/1/2025
R&DE

Akira averaged 19 attacks per month between January 2024 and November 2024. In December, the collective added at least 93 separate victims to their leak site, bringing their 2024 monthly average up to approximately 25. Throughout 2024, approximately 71 percent of Akira’s victims were based in North America, rising to approximately 81 percent in Q4 2024.

ZeroFox1/1/2025
R&DEAkiraNorth America

RansomHub was the most prominent R&DE collective in 2024. RansomHub accounted for approximately 10% of all R&DE incidents ZeroFox observed throughout the year and conducted at least 216 attacks during Q4 2024. In November 2024, RansomHub conducted at least 97 attacks.

ZeroFox1/1/2025
R&DERansomHub

Browse by Topic

R&DEPlay RansomwareNorth AmericaManufacturingMore from ZeroFox

Stay Ahead of Cyber Threats

Join 1,000+ security professionals getting weekly insights