Akamai Technologies, a global leader in cybersecurity and cloud services, has unveiled new insights into the rapidly evolving tactics used in ransomware attacks. According to its latest State of the Internet (SOTI) report titled Ransomware Report 2025: Building Resilience Amid a Volatile Threat Landscape, attackers are increasingly leveraging advanced extortion methods, including a sophisticated four-pronged strategy.
While the dual extortion method—where attackers encrypt data and threaten to leak it—continues to be the most common, a newer and more aggressive form of “quadruple extortion” is gaining traction. This approach includes not only encryption and data leakage threats but also disruptive distributed denial-of-service (DDoS) attacks and targeted harassment of third parties such as customers, partners, and media outlets to intensify pressure on the victim organization.
“Modern ransomware campaigns are no longer limited to data encryption,” said Steve Winterfeld, Advisory CISO at Akamai. “Today’s threat actors weaponize public exposure, stolen information, and service interruptions to create full-scale operational crises. This forces companies to reevaluate their cybersecurity readiness and incident response strategies.”
Cyber Technology Insights : DataPelago Appoints John “JG” Chirapurath as President to Accelerate Growth in Data and AI
Key Insights from the Report:
AI Fuels Attack Growth: The report highlights how generative AI tools and large language models (LLMs) are lowering the technical barriers for cybercriminals. These technologies enable individuals with minimal coding experience to craft effective ransomware payloads and enhance social engineering techniques.
Hybrid Hacktivist Groups on the Rise: A new breed of cyber threat actors is emerging—hybrid groups that blend hacktivism and financial crime. These groups are increasingly turning to ransomware-as-a-service (RaaS) platforms to extend their reach. Notably, Dragon RaaS, an evolution of the Stormous collective, has shifted its focus in 2024 from high-profile corporate targets to small and mid-sized entities with weaker security defenses.
Cryptomining Campaigns Mimic Ransomware Tactics: Akamai researchers identified parallels between cryptomining attacks and ransomware campaigns. Nearly 50% of the cryptomining incidents analyzed were directed at nonprofits and educational institutions, sectors often hampered by limited cybersecurity budgets and personnel.
TrickBot’s Ongoing Threat: One of the world’s most infamous malware families, TrickBot, continues to be a major player in the ransomware ecosystem. Since 2016, it has facilitated the theft of over $724 million in cryptocurrency. Akamai’s Guardicore Hunt Team recently observed TrickBot activity through a set of suspicious scheduled tasks on systems across five customer environments.
Cyber Technology Insights : Aeries Technology Partners with Skydda.ai to Bring AI-Enabled SOC Operations to GCC Clients
Regulatory Landscape and Defensive Strategies
In addition to technical analysis, the report delves into the regulatory responses shaping ransomware defense efforts. Akamai’s Vice President and Chief Privacy Officer, James A. Casey, underscores that although existing cybersecurity frameworks apply to ransomware, emerging policies are specifically targeting ransom payment discouragement.
Casey emphasizes the growing need for proactive cybersecurity measures, including:
Implementation of Zero Trust architectures
Adoption of microsegmentation strategies
Prompt and transparent incident reporting
Comprehensive risk assessment and management
He also advocates for continuous threat monitoring and employee training, which are critical to navigating today’s ever-changing threat landscape.
“As ransomware evolves in complexity and impact, staying informed and agile is not optional—it’s essential,” Casey noted.
Cyber Technology Insights : Dropzone AI Secures $37 Million Series B, Putting AI Security Analysts on the Front Lines of Cyber Battlefield
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source: prnewswire
