Ransomware Attacks Surge 30% in 2026 as Qilin and INC Ransom Intensify Operations

Ransomware incidents surged 30% in H1 2026, with Qilin (Agenda) and INC Ransom among the most active operators; both leverage RaaS and double-extortion tactics to target high-value sectors—especially healthcare—resulting in hundreds of confirmed victims and large data exposures (examples include Covenant Health and NHS Scotland). The report also notes increased professionalization (affiliate models) and the use of AI to accelerate phishing, target research, and initial access, creating elevated operational risk for well-defended organizations.