Ransomware Attacks Target English-Speaking Nations, Threatening 30% of Global GDP
Event summary
- 70% of global ransomware activity targeted English-speaking countries in late 2025, with the US accounting for 40% of attacks.
- Wireless networks in industrial environments remain highly vulnerable, with 68% lacking Management Frame Protection (MFP).
- Transportation was the most targeted industry in 2025, followed by manufacturing and the public sector.
- Scattered Spider accounted for 42.9% of all actor-related alerts in the second half of 2025.
The big picture
The concentration of ransomware attacks on English-speaking countries highlights the macroeconomic risks, given these nations' significant GDP contribution. The report underscores the urgent need for robust cybersecurity measures, particularly in wireless networks and critical infrastructure, as geopolitical tensions and AI-driven threats continue to evolve. The dominance of groups like Scattered Spider signals a shift towards more sophisticated and coordinated cyber threats.
What we're watching
- Geopolitical Risks
- How rising nation-state activity and hacktivism will shape cybersecurity threats in 2026.
- AI Integration
- Whether threat actors' increasing use of generative AI will further escalate attacks against English-speaking countries.
- Industry Vulnerabilities
- The pace at which critical infrastructure sectors, particularly transportation and public sector, will enhance their cybersecurity measures.
Related topics