VendorsBlack Kite
Black Kite
Cybersecurity reports and statistics published by Black Kite
8 categories6 reports
Research Reports
Reports and publications from Black Kite
2025 Manufacturing Report: Why Your Supply Chain is Your Biggest Cyber Risk
10/8/2025
2025 State of Financial Services: Hidden Dangers in the Vendor Ecosystem
7/10/2025
2025 Ransomware Report How Ransomware Wars Threaten Third-Party Cyber Ecosystems
5/13/2025
2025 Supply Chain Vulnerability Report
4/8/2025
Healthcare Under Ransomware Attack
1/1/2025
Healthcare Under Ransomware Attack
1/1/2025
Recent Statistics & Reports
Among companies with less than $20 million, manufacturing is the second targeted industry at 17%.
10/8/2025•
ManufacturingRansomware
Among companies earning over $1 billion, manufacturing makes up a staggering 38.9% of ransomware victims.
10/8/2025•
ManufacturingRansomware
For companies earning between $100 million and $300 million, manufacturing accounts for 30% of ransomware victims.
10/8/2025•
ManufacturingRansomware
There has been a 9% increase in ransomware attacks on manufacturing companies compared to the previous year.
10/8/2025•
ManufacturingRansomware
75% of manufacturing companies have critical vulnerabilities with a CVSS score of 8 or higher.
10/8/2025•
ManufacturingRansomwareVulnerabilities
65% of manufacturing companies have at least one vulnerability listed in the CISA Known Exploited Vulnerabilities (KEV) Catalog.
10/8/2025•
ManufacturingRansomwareVulnerabilities
Manufacturing remains ransomware's number one target. It has held the number one position for the fourth year in a row.
10/8/2025•
ManufacturingRansomware
Black Kite researchers found that 31 out of 140 third-party vendors have at least one critical vulnerability with a CVSS at or above 8. 15 vendors show an extremely high risk with CVSS scores above 9.
7/10/2025•
FinancialThird-party vendorsVulnerabilities
There were 156 disclosed ransomware victims in the financial sector in 2024.
7/10/2025•
FinancialRansomware
Cl0p claimed responsibility for targeting companies using unpatched versions of Cleo's MFT products in December 2024.
7/10/2025•
FinancialCl0p
Nearly one-third (26.6%) of finance threat actors are attributed to "Other", which includes emerging or short-lived groups, highlighting a more fragmented and unpredictable ransomware landscape.
7/10/2025•
FinancialRansomware
65% of third-party vendors are not maintaining current patch levels, which exposes financial institutions to inherited risk from known vulnerabilities (CVEs) and potentially unpatched zero-day vulnerabilities in legacy technologies.
7/10/2025•
FinancialThird-party vendorsVulnerabilities
There were 191 disclosed ransomware victims in the financial sector in 2023.
7/10/2025•
FinancialRansomware
90 third-party vendors are flagged with high-risk threat categories. Among these, 35 vendors are marked with Known Exploited Vulnerabilities (KEV) tags.
7/10/2025•
FinancialThird-party vendorsVulnerabilities
As of mid-2025, only 55 ransomware victims have been disclosed in the financial sector.
7/10/2025•
FinancialRansomware
Ransomware was responsible for 67% of known third-party breaches.
5/13/2025•
RansomwareThird-party
Small and mid-sized businesses (SMBs) in the $4M-$8M range were the most frequently targeted.
5/13/2025•
RansomwareSMBs
There are now 96 active ransomware groups.
5/13/2025•
RansomwareThreat group
52 entirely new ransomware groups emerged in the last year.
5/13/2025•
RansomwareThreat group
Ransom payment values declined by 35%.
5/13/2025•
RansomwareRansom
Showing 1-20 of 48 results