Akamai Technologies He has published his 2025 ransomware reportin which it emphasizes that The attackers are implementing a new extortion tactic in four phases In ransomware campaigns. However, the double extortion remains the most used by cybercriminals.
The emerging quadruple extortion trend includes distributed attacks on service denial (DDOD), to interrupt company operations and harass third parties, such as clients, partners or media. In this way, they try to increase the pressure on the victim.
This technique is based on double extortion ransomware, in which the attackers are limited to encrypting the data of a victim and threatening to filter them if it does not pay a rescue. But according to Steve Winter field, Ciso the Akamai«Current ransomware threats go beyond data encryption. The attackers press their victims through data theft and their public exhibition, as well as with service interruptions. With the application of these methods, cyber attacks cause great magnitude business crises, which is forcing companies to rethink their preparation and response strategy«.
According to the report, the generative AI and the LLM are key in increasing the frequency and scale of ransomware attacks, since they allow attackers with little experience to perform sophisticated campaigns. In addition, the LLMs help write ransomware code since groups improve their social engineering tactics.
Hybrid ransomware and hacktivism groups, driven by political, ideological and financial causes more and more ransomware platforms as a service to increase their impact. As for cryptohed programs, they have their own dangers, but their objectives and strategies are similar to those of ransomware groups.
According to Akamai researchers, almost half of the cryptoking attacks they analyzed were aimed at educational organizations and NGOs, probably due to lack of resources in their sectors. The report also includes an analysis of the current legal and regulations related to the response of organizations to ransomware.
