{"id":12744,"date":"2025-10-21T09:10:00","date_gmt":"2025-10-21T08:10:00","guid":{"rendered":"https:\/\/mspglobal.com\/blog\/?p=12744"},"modified":"2025-10-22T15:32:10","modified_gmt":"2025-10-22T14:32:10","slug":"acronis-ransomware-trends-msps-2025","status":"publish","type":"post","link":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/","title":{"rendered":"Acronis report reveals ransomware trends and the new gangs targeting MSPs"},"content":{"rendered":"\n<p>Ransomware activity has reached record levels, and a new report highlights the latest trends and identifies dangerous new gangs. The <a href=\"https:\/\/www.acronis.com\/en\/resource-center\/resource\/acronis-cyberthreats-report-h1-2025\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Acronis Cyberthreats Report<\/a> reveals a 70% year-on-year increase in publicly known victims, showing how ransomware dominates the cybercrime landscape for Managed Service Providers and their clients.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-vimeo wp-block-embed-vimeo wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Acronis H1 2025 TRU Cyberthreats Report\" src=\"https:\/\/player.vimeo.com\/video\/1125176168?dnt=1&amp;app_id=122963\" width=\"500\" height=\"281\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\"><\/iframe>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size cfs-article-heading\" id=\"h-a-shift-in-ransomware-tactics\" style=\"font-style:normal;font-weight:600;line-height:1.3\">A shift in ransomware tactics<\/h2>\n\n\n\n<p>The <a href=\"https:\/\/www.acronis.com\/en\/resource-center\/resource\/acronis-cyberthreats-report-h1-2025\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">report<\/a> focuses on the first half of the year and shows increasing activity in early 2025, reflecting the scalability of Ransomware-as-a-Service (RaaS) operations such as Cl0p, Play, and RansomHub.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081818-1024x576.jpg\" alt=\"Donut graph showing most active ransomware groups in H1 2025\" class=\"wp-image-12748\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081818-1024x576.jpg 1024w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081818-768x432.jpg 768w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081818-1536x864.jpg 1536w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081818.jpg 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>By mid-2025, attack volumes began to stabilize, partly as a result of law enforcement crackdowns.&nbsp;<\/p>\n\n\n\n<p>In February, the 8Base gang was dismantled, while Phobos operators \u2014 responsible for compromising over 1,000 victims using advanced encryption and evasion techniques \u2014 were arrested in Thailand.&nbsp;<\/p>\n\n\n\n<p>Two months later, RansomHub abruptly shut down, disrupting the RaaS ecosystem and triggering widespread regrouping. Affiliates migrated to established collectives such as Qilin and DragonForce, or formed spinoffs like VanHelsing and RansomBay.<\/p>\n\n\n\n<p><a href=\"https:\/\/arstechnica.com\/security\/2025\/07\/no-honor-among-thieves-ms-hacking-group-starts-turf-war\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">DragonForce has quickly emerged as a new cartel<\/a>, offering affiliates branding freedom and flexible operations. Meanwhile, stealth-focused variants such as Anubis and ELENOR-corp have gained traction, emphasizing anti-forensic methods and pure data extortion over traditional encryption.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size cfs-article-heading\" id=\"h-ransomware-gangs-target-msps\" style=\"font-style:normal;font-weight:600;line-height:1.3\">Ransomware gangs target MSPs <\/h2>\n\n\n\n<p><a href=\"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/\">Data in the Acronis report<\/a> shows how ransomware groups including Akira, Play, Cl0p, RansomHub, Qilin and RALord\/Nova stood out as the most active threats targeting MSPs and telecom providers.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508186-1024x576.jpg\" alt=\"\" class=\"wp-image-12751\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508186-1024x576.jpg 1024w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508186-768x432.jpg 768w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508186-1536x864.jpg 1536w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508186.jpg 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>The category \u201cOthers\u201d in the chart above includes groups such as Abyss, ArcusMedia, BianLian, Ciphbit, Fog, Frag, FunkSec, Hunters International, INC Ransom, JGroup, Kraken (Hello Kitty), LockBit, Medusa and SilentRansomGroup (SRG).<\/p>\n\n\n\n<p>Each group favors distinct entry tactics: Cl0p continues to exploit known flaws in third-party software, while Akira and RansomHub lean on phishing and credential theft, often powered by infostealers.<\/p>\n\n\n\n<p>This shift highlights a broader trend toward flexible, multi-vector intrusions \u2014 with attackers choosing whichever access route offers the quickest path past a target\u2019s defenses.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size cfs-article-heading\" id=\"h-emerging-ransomware-players-reshape-the-threat-landscape\" style=\"font-style:normal;font-weight:600;line-height:1.3\">Emerging ransomware players reshape the threat landscape<\/h2>\n\n\n\n<p>Between January and May 2025, Acronis observed a new wave of ransomware groups, with the top 10 collectively responsible for 145 known victims worldwide.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081817-1024x576.jpg\" alt=\"Graph showing new ransomware gangs H1 2025\" class=\"wp-image-12755\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081817-1024x576.jpg 1024w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081817-768x432.jpg 768w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081817-1536x864.jpg 1536w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_25081817.jpg 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>Devman<\/strong><\/p>\n\n\n\n<p>Devman stands out as a rapidly growing ransomware-as-a-service (RaaS) operation. It offers its malware and infrastructure to affiliates in exchange for a share of the ransom, and even shares encryption tools with other groups such as Qilin and RansomHub. This overlap suggests close collaboration\u2014or possibly shared developers operating under multiple brands. Devman relies on classic double extortion, combining encryption with the threat of public data leaks to pressure victims into paying.<\/p>\n\n\n\n<p><strong>NightSpire<\/strong><\/p>\n\n\n\n<p>Another fast-moving entrant, NightSpire, emerged in March 2025 and appears to be a rebranded evolution of the earlier Rbfs group. Its activity mirrors that of established affiliate models, though it\u2019s unclear whether NightSpire functions as an open RaaS platform or a closed collective. Its victims are primarily small and mid-sized businesses across manufacturing, logistics, and finance, and it too favors double-extortion tactics to maximize leverage.<\/p>\n\n\n\n<p>These newcomers illustrate how quickly ransomware ecosystems adapt and fragment, with each group testing new business models, alliances, and branding strategies to stay ahead of law enforcement and defensive technologies.<\/p>\n\n\n\n<p><strong>RALord\/Nova<\/strong><\/p>\n\n\n\n<p>RALord, which rebranded as Nova in March 2025, has quickly established itself as a prominent RaaS operation. Like Devman, the group provides affiliates with the full attack toolkit \u2014 from malware and infrastructure to leak-site publishing \u2014 and takes charge of publicly exposing stolen data when victims refuse to pay.<\/p>\n\n\n\n<p>RALord\/Nova\u2019s strategy blends operational disruption with deliberate humiliation. The group routinely publishes detailed breakdowns of its breaches, explaining how it compromised targets to damage reputations and amplify pressure on victims. Its business model is openly commercial: affiliates can buy or rent encryption tools and advertise services across darknet forums and Tor-based leak sites, giving the group both reach and visibility within the cybercrime ecosystem.<\/p>\n\n\n\n<p>The report authors explain how this calculated mix of marketing, intimidation, and technical agility makes Nova one of the more manipulative RaaS brands to emerge in 2025 \u2014 signaling how far ransomware groups have evolved to become full-fledged cybercriminal enterprises.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"How MSPs can use the Acronis TRU report to drive sales\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/EMSBV9Nqfpg?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size cfs-article-heading\" id=\"h-msps-need-to-meet-evolving-ransomware-threats\" style=\"font-style:normal;font-weight:600;line-height:1.3\"><strong>MSPs need to meet evolving ransomware threats<\/strong><\/h2>\n\n\n\n<p>Together, these findings highlight the growing complexity of modern attack chains \u2014 and the urgent need for layered, adaptive defenses across every sector.&nbsp;<\/p>\n\n\n\n<p>Data-theft extortion and zero-day exploitation are increasingly replacing large-scale encryption campaigns, favoring stealth and precision over volume, and AI will accelerate the pace of disruption.<\/p>\n\n\n\n<p>Discover more data and insight, including recommendations on protecting your MSP and its clients in the full <a href=\"https:\/\/www.acronis.com\/en\/resource-center\/resource\/acronis-cyberthreats-report-h1-2025\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Acronis Cyberthreats Report H1 2025<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ransomware activity has reached record levels, and a new report highlights the latest trends and identifies dangerous new gangs. The Acronis Cyberthreats Report reveals a 70% year-on-year increase in publicly known victims, showing how ransomware dominates the cybercrime landscape for Managed Service Providers and their clients. A shift in ransomware tactics The report focuses on [&hellip;]<\/p>\n","protected":false},"author":30,"featured_media":12765,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":true,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12744","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.2 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Acronis report reveals MSP ransomware trends<\/title>\n<meta name=\"description\" content=\"Ransomware attacks on MSPs are rising fast. Discover the latest 2025 trends and new threat groups in the Acronis Cyberthreats Report.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Acronis report reveals ransomware trends and the new gangs targeting MSPs\" \/>\n<meta property=\"og:description\" content=\"Acronis report reveals ransomware trends and the new gangs targeting MSPs\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-21T08:10:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-22T14:32:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Selection_01_02_51_26-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1440\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Miles Kendall\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Miles Kendall\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/\"},\"author\":{\"name\":\"Miles Kendall\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/3e9bed029b316efa7a58f3f21d3c2845\"},\"headline\":\"Acronis report reveals ransomware trends and the new gangs targeting MSPs\",\"datePublished\":\"2025-10-21T08:10:00+00:00\",\"dateModified\":\"2025-10-22T14:32:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/\"},\"wordCount\":756,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Selection_01_02_51_26-scaled.jpg\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/\",\"name\":\"Acronis report reveals MSP ransomware trends\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Selection_01_02_51_26-scaled.jpg\",\"datePublished\":\"2025-10-21T08:10:00+00:00\",\"dateModified\":\"2025-10-22T14:32:10+00:00\",\"description\":\"Ransomware attacks on MSPs are rising fast. Discover the latest 2025 trends and new threat groups in the Acronis Cyberthreats Report.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Selection_01_02_51_26-scaled.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Selection_01_02_51_26-scaled.jpg\",\"width\":2560,\"height\":1440,\"caption\":\"CEO of Acronis on stage\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/acronis-ransomware-trends-msps-2025\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Acronis report reveals ransomware trends and the new gangs targeting MSPs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/3e9bed029b316efa7a58f3f21d3c2845\",\"name\":\"Miles Kendall\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/miles-kendall-96x96.jpeg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/miles-kendall-96x96.jpeg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/miles-kendall-96x96.jpeg\",\"caption\":\"Miles Kendall\"},\"description\":\"Miles is a highly experienced communications and technology expert, with a track record of delivering high performing content for a range of B2B clients across a variety of sectors. As part of the senior writing team at CloudFest he\u2019s responsible for highlighting key trends, teasing out thought leadership and delivering original insight \u2013 utilizing his background in journalism and content strategy.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/miles-kendall\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Acronis report reveals MSP ransomware trends","description":"Ransomware attacks on MSPs are rising fast. Discover the latest 2025 trends and new threat groups in the Acronis Cyberthreats Report.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/","og_locale":"en_US","og_type":"article","og_title":"Acronis report reveals ransomware trends and the new gangs targeting MSPs","og_description":"Acronis report reveals ransomware trends and the new gangs targeting MSPs","og_url":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-10-21T08:10:00+00:00","article_modified_time":"2025-10-22T14:32:10+00:00","og_image":[{"width":2560,"height":1440,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Selection_01_02_51_26-scaled.jpg","type":"image\/jpeg"}],"author":"Miles Kendall","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Miles Kendall","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/"},"author":{"name":"Miles Kendall","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/3e9bed029b316efa7a58f3f21d3c2845"},"headline":"Acronis report reveals ransomware trends and the new gangs targeting MSPs","datePublished":"2025-10-21T08:10:00+00:00","dateModified":"2025-10-22T14:32:10+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/"},"wordCount":756,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Selection_01_02_51_26-scaled.jpg","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/","url":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/","name":"Acronis report reveals MSP ransomware trends","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Selection_01_02_51_26-scaled.jpg","datePublished":"2025-10-21T08:10:00+00:00","dateModified":"2025-10-22T14:32:10+00:00","description":"Ransomware attacks on MSPs are rising fast. Discover the latest 2025 trends and new threat groups in the Acronis Cyberthreats Report.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Selection_01_02_51_26-scaled.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Selection_01_02_51_26-scaled.jpg","width":2560,"height":1440,"caption":"CEO of Acronis on stage"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/acronis-ransomware-trends-msps-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"Acronis report reveals ransomware trends and the new gangs targeting MSPs"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/3e9bed029b316efa7a58f3f21d3c2845","name":"Miles Kendall","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/miles-kendall-96x96.jpeg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/miles-kendall-96x96.jpeg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/miles-kendall-96x96.jpeg","caption":"Miles Kendall"},"description":"Miles is a highly experienced communications and technology expert, with a track record of delivering high performing content for a range of B2B clients across a variety of sectors. As part of the senior writing team at CloudFest he\u2019s responsible for highlighting key trends, teasing out thought leadership and delivering original insight \u2013 utilizing his background in journalism and content strategy.","url":"https:\/\/mspglobal.com\/blog\/author\/miles-kendall\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12744","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/30"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12744"}],"version-history":[{"count":8,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12744\/revisions"}],"predecessor-version":[{"id":12770,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12744\/revisions\/12770"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12765"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12744"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12744"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12744"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}