CYFIRMA Research
Cyber defenders, listen up! The CYFIRMA Research podcast has some juicy intel on the latest cyber threats that are lurking in the shadows. Tune in to this security briefing to stay on top of emerging threats and be ready to tackle digital risk like never before.
CYFIRMA Research
CYFIRMA Research: Tracking Ransomware- March 2026
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
March reflected a further escalation in ransomware activity, with incident volumes rising and multiple threat actors expanding operations simultaneously. Qilin emerged as the most dominant group with a sharp increase in activity, while several others, including Akira, Incransom, Nightspire, Dragonforce, and LockBit5, showed significant growth, indicating a highly competitive and rapidly scaling ecosystem. At the same time, a few groups declined, reinforcing the fluid and continuously shifting nature of ransomware operations. The threat model continues to evolve toward access-driven intrusions, with attackers leveraging credential compromise, exploitation of internet-facing vulnerabilities, and brokered access. Increased use of legitimate administrative tools, stealth-focused techniques, and rapid deployment through cloud and virtual infrastructure highlights a strong shift toward efficiency and evasion.
Geographically, the United States remained the most impacted region by a wide margin, followed by the United Kingdom, Canada, and major European economies, with continued expansion across Asia-Pacific and emerging markets. Industry targeting remained concentrated on sectors with high operational reliance and sensitive data exposure, particularly professional services, manufacturing, healthcare, and information technology.
Link to the Research Report: https://www.cyfirma.com/research/tracking-ransomware-march-2026/
#CyberSecurity #Ransomware #ThreatIntel #ETLM #CYFIRMA #ThreatLandscape #CyberRisk #DataExtortion #ExternalThreatLandscapeManagement #ETLM
https://www.cyfirma.com/