On May 20, 2025, Kettering Health, a major healthcare network based in Ohio, experienced a ransomware attack that severely disrupted its operations. As a result, all 14 hospitals in the system were placed on emergency reroute. This meant ambulances were redirected, and staff had to switch to manual processes because digital systems—including electronic health records, internal messaging, and coordination platforms—became unavailable.

Salvador

Insights 22 May 2025

Pro-Russian Cyber Activity: Hybrid Threats and the UK Response

Russia’s cyber strategy increasingly relies on hybrid operations: coordinated campaigns that combine cyber attacks, disinformation, and political subversion. Since the invasion of Ukraine in 2022, the Kremlin and its supporters have amplified a new wave of cyber threats, using state-aligned groups, criminal proxies, and nationalist hacktivist collectives to target institutions across Europe.

Peter Bassill

Insights 20 May 2025

Donation-Based Ransomware Groups

In the constantly evolving world of ransomware, a new and unusual variation has emerged. Rather than demanding cryptocurrency payments, certain threat actors are now instructing victims to make donations to charity in exchange for decryption keys or promises not to publish stolen data. These so-calleddonation-model ransomware groupspresent themselves as ideologically driven, often citing anti-corporate motives or positioning their activity as a form of digital protest.

Peter Bassill

Insights 19 May 2025

Western Alliance Data Breach Tied to Cleo Software Flaw

April 2025 — Phoenix, Arizona

Ismael Melgar Villalta