Extortion Evolves: Akamai SOTI Report Examines the Increasing Complexity of Ransomware Attacks
Akamai Technologies (NASDAQ: AKAM) has released its State of the Internet (SOTI) Ransomware Report 2025, revealing emerging cybersecurity threats and trends. The report highlights a new quadruple extortion tactic in ransomware campaigns, which combines traditional data encryption with DDoS attacks and third-party harassment to pressure victims.
Key findings include the role of GenAI and LLMs in increasing ransomware attack frequency, the evolution of hacktivist groups using RaaS platforms, and the revelation that the TrickBot malware family has extorted over $724 million in cryptocurrency since 2016. The report also examines legal frameworks and emphasizes the importance of Zero Trust and microsegmentation strategies in building ransomware resilience.
Akamai Technologies (NASDAQ: AKAM) ha pubblicato il suo rapporto State of the Internet (SOTI) Ransomware Report 2025, evidenziando nuove minacce e tendenze nel campo della cybersecurity. Il rapporto mette in luce una nuova tattica di estorsione quadrupla nelle campagne ransomware, che combina la tradizionale crittografia dei dati con attacchi DDoS e molestie da parte di terzi per mettere pressione alle vittime.
I risultati principali includono il ruolo di GenAI e LLM nell’aumentare la frequenza degli attacchi ransomware, l’evoluzione dei gruppi hacktivisti che utilizzano piattaforme RaaS e la scoperta che la famiglia di malware TrickBot ha estorso oltre 724 milioni di dollari in criptovalute dal 2016. Il rapporto analizza inoltre i quadri giuridici e sottolinea l’importanza delle strategie Zero Trust e di microsegmentazione per costruire una maggiore resilienza contro il ransomware.
Akamai Technologies (NASDAQ: AKAM) ha publicado su Informe sobre el Estado de Internet (SOTI) Ransomware Report 2025, revelando nuevas amenazas y tendencias en ciberseguridad. El informe destaca una nueva táctica de extorsión cuádruple en campañas de ransomware, que combina la tradicional encriptación de datos con ataques DDoS y acoso de terceros para presionar a las víctimas.
Los hallazgos clave incluyen el papel de GenAI y LLM en el aumento de la frecuencia de ataques ransomware, la evolución de grupos hacktivistas que usan plataformas RaaS, y la revelación de que la familia de malware TrickBot ha extorsionado más de 724 millones de dólares en criptomonedas desde 2016. El informe también examina los marcos legales y enfatiza la importancia de estrategias Zero Trust y microsegmentación para fortalecer la resiliencia ante ransomware.
Akamai Technologies (NASDAQ: AKAM)가 2025년 인터넷 상태(SOTI) 랜섬웨어 보고서를 발표하며 새롭게 떠오르는 사이버 보안 위협과 동향을 공개했습니다. 보고서는 전통적인 데이터 암호화와 DDoS 공격, 제3자 괴롭힘을 결합한 새로운 사중 협박 전술을 랜섬웨어 캠페인에서 강조하고 있습니다.
주요 발견사항으로는 GenAI 및 LLM이 랜섬웨어 공격 빈도를 증가시키는 역할, RaaS 플랫폼을 이용하는 해커티비스트 그룹의 진화, 그리고 TrickBot 악성코드 계열이 2016년 이후 7억 2,400만 달러 이상의 암호화폐를 갈취했다는 사실이 포함됩니다. 또한 보고서는 법적 체계를 검토하며, 랜섬웨어 대응을 위한 제로 트러스트 및 마이크로 세분화 전략의 중요성을 강조합니다.
Akamai Technologies (NASDAQ : AKAM) a publié son rapport State of the Internet (SOTI) Ransomware Report 2025, révélant de nouvelles menaces et tendances en cybersécurité. Le rapport met en avant une nouvelle tactique d’extorsion quadruple dans les campagnes de ransomware, combinant le chiffrement traditionnel des données avec des attaques DDoS et du harcèlement par des tiers pour faire pression sur les victimes.
Les principales conclusions incluent le rôle de GenAI et des LLM dans l’augmentation de la fréquence des attaques ransomware, l’évolution des groupes hacktivistes utilisant des plateformes RaaS, et la révélation que la famille de malwares TrickBot a extorqué plus de 724 millions de dollars en cryptomonnaies depuis 2016. Le rapport examine également les cadres juridiques et souligne l’importance des stratégies Zero Trust et de micro-segmentation pour renforcer la résilience face aux ransomwares.
Akamai Technologies (NASDAQ: AKAM) hat seinen State of the Internet (SOTI) Ransomware Report 2025 veröffentlicht, der neue Cybersecurity-Bedrohungen und Trends aufzeigt. Der Bericht hebt eine neue Vierfach-Erpressungstaktik in Ransomware-Kampagnen hervor, die traditionelle Datenverschlüsselung mit DDoS-Angriffen und Belästigungen durch Dritte kombiniert, um Opfer unter Druck zu setzen.
Wesentliche Erkenntnisse umfassen die Rolle von GenAI und LLMs bei der Zunahme von Ransomware-Angriffen, die Weiterentwicklung von Hacktivistengruppen, die RaaS-Plattformen nutzen, sowie die Enthüllung, dass die TrickBot-Malware-Familie seit 2016 über 724 Millionen US-Dollar in Kryptowährungen erpresst hat. Der Bericht betrachtet zudem rechtliche Rahmenbedingungen und betont die Bedeutung von Zero Trust- und Mikrosegmentierungsstrategien zur Stärkung der Resilienz gegen Ransomware.
- Comprehensive analysis and insights into emerging cybersecurity threats
- Strong position in identifying and analyzing new ransomware trends
- Demonstrates thought leadership in cybersecurity industry
- Increasing complexity of cyber threats could require additional investment in security solutions
- Rising ransomware sophistication poses challenges for Akamai's protection services
New report explores the tactics, techniques, and procedures attackers use and the fallout for organizations
According to the new Akamai State of the Internet (SOTI) report, Ransomware Report 2025: Building Resilience Amid a Volatile Threat Landscape, the emerging trend of quadruple extortion includes using distributed denial-of-service (DDoS) attacks to disrupt business operations and harassing third parties — like customers, partners, and media — to increase the pressure on the victim. It builds on double extortion ransomware in which attackers simply encrypt a victim's data and threaten to leak it publicly if the ransom isn't paid.
"Ransomware threats today aren't just about encryption anymore," said Steve Winterfeld, Advisory CISO at Akamai. "Attackers are using stolen data, public exposure, and service outages to increase the pressure on victims. These methods are turning cyberattacks into full-blown business crises, and are forcing companies to rethink how they prepare and respond."
Other key findings from the report include:
- GenAI and large language models (LLMs) are helping to increase the frequency and scale of ransomware attacks by making it easier for individuals with less technical expertise to launch sophisticated campaigns. These individuals and groups use LLMs to write ransomware code and improve their social engineering tactics.
- Hacktivist/ransomware hybrid groups are increasingly using ransomware as a service (RaaS) platforms to amplify their impact, driven by a mix of political, ideological, and financial motives. These groups have evolved from previous hacktivist organizations; for example, Dragon RaaS emerged in 2024 as an offshoot of Stormous, shifting its focus from targeting major corporations to smaller organizations with weaker security.
- Cryptominers pose their own unique danger, but their goals and the strategies they employ are similar to those of ransomware groups. Akamai researchers found that nearly half the cryptomining attacks they analyzed targeted nonprofit and educational organizations, likely because of a lack of resources within these industries.
- The TrickBot malware family, used by ransomware groups globally, has extorted more than
US in cryptocurrency from victims since 2016. The Akamai Guardicore Hunt Team recently spotted this malware family linked to four suspicious scheduled tasks on five customers' systems.$724 million
The report also features an analysis of the current state of legal and regulatory efforts that affect how organizations respond to ransomware. Akamai Vice President and Chief Privacy Officer James A. Casey notes that while existing cybersecurity laws apply to ransomware, specific regulations focus on discouraging ransom payments. He also highlights the importance of robust cybersecurity measures, incident reporting, and risk management, as well as strategies like Zero Trust and microsegmentation, to build resilience against evolving ransomware threats. Casey stresses the necessity for organizations to stay informed and adapt to emerging threats.
Read the report to learn more and find out how Akamai uses mitigation techniques to reduce risk and strengthen defenses.
About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense-in-depth to safeguard enterprise data and applications everywhere. Akamai's full-stack cloud computing solutions deliver performance and affordability on the world's most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.
Contacts
Public Relations
AkamaiPR@akamai.com
Investor Relations
invrel@akamai.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/extortion-evolves-akamai-soti-report-examines-the-increasing-complexity-of-ransomware-attacks-302515773.html
SOURCE Akamai Technologies
FAQ
What is the new quadruple extortion tactic identified in Akamai's (AKAM) 2025 ransomware report?
How much money has the TrickBot malware family extorted according to Akamai's research?
How are AI and LLMs affecting ransomware attacks according to Akamai's 2025 report?
What industries are most targeted by cryptomining attacks according to Akamai (AKAM)?
What solutions does Akamai recommend for ransomware protection in 2025?
