Europe evolves into ransomware’s favorite region

A specter is haunting Europe — the specter of ransomware.

After a global lull in 2024 and 2025, the ransomware-as-a-service (RaaS) ecosystem appears to be back to form, at least in Europe. Researchers from Black Kite tracked 684 ransomware attacks across the continent through the first four months of 2026. That’s 55% more than the 441 recorded in the first four months of 2025, even more than the 643 recorded through the first half of 2025.

“Globally, the U.S. absorbs almost half of all ransomware victims. Canada and the U.K. have traded second place. Europe was a step behind. Now that’s shifting,” Ferhat Dikbiyik, chief research and intelligence officer at Black Kite, tells Dark Reading. He believes that at least a couple of factors are at play.

Read more at Dark Reading