Extortion Evolves: Akamai SOTI Report Examines the Increasing Complexity of Ransomware Attacks
Wednesday, August 6, 2025
New report explores the tactics, techniques, and procedures attackers use and the fallout for organizations
CAMBRIDGE, Mass., July 29, 2025 /PRNewswire/ -- Akamai Technologies (NASDAQ: AKAM), the cybersecurity and cloud computing company that powers and protects business online, has found that threat actors are using a new quadruple extortion tactic in ransomware campaigns, while double extortion remains the most common approach.
According to the new Akamai State of the Internet (SOTI) report, Ransomware Report 2025: Building Resilience Amid a Volatile Threat Landscape, the emerging trend of quadruple extortion includes using distributed denial-of-service (DDoS) attacks to disrupt business operations and harassing third parties -- like customers, partners, and media -- to increase the pressure on the victim. It builds on double extortion ransomware in which attackers simply encrypt a victim's data and threaten to leak it publicly if the ransom isn't paid.
"Ransomware threats today aren't just about encryption anymore," said Steve Winterfeld, Advisory CISO at Akamai. "Attackers are using stolen data, public exposure, and service outages to increase the pressure on victims. These methods are turning cyberattacks into full-blown business crises, and are forcing companies to rethink how they prepare and respond."
Other key findings from the report include:
-- GenAI and large language models (LLMs) are helping to increase the
frequency and scale of ransomware attacks by making it easier for
individuals with less technical expertise to launch sophisticated
campaigns. These individuals and groups use LLMs to write ransomware
code and improve their social engineering tactics.
-- Hacktivist/ransomware hybrid groups are increasingly using ransomware as
a service (RaaS) platforms to amplify their impact, driven by a mix of
political, ideological, and financial motives. These groups have evolved
from previous hacktivist organizations; for example, Dragon RaaS emerged
in 2024 as an offshoot of Stormous, shifting its focus from targeting
major corporations to smaller organizations with weaker security.
-- Cryptominers pose their own unique danger, but their goals and the
strategies they employ are similar to those of ransomware groups. Akamai
researchers found that nearly half the cryptomining attacks they
analyzed targeted nonprofit and educational organizations, likely
because of a lack of resources within these industries.
-- The TrickBot malware family, used by ransomware groups globally, has
extorted more than US$724 million in cryptocurrency from victims since
2016. The Akamai Guardicore Hunt Team recently spotted this malware
family linked to four suspicious scheduled tasks on five customers'
systems.
The report also features an analysis of the current state of legal and regulatory efforts that affect how organizations respond to ransomware. Akamai Vice President and Chief Privacy Officer James A. Casey notes that while existing cybersecurity laws apply to ransomware, specific regulations focus on discouraging ransom payments. He also highlights the importance of robust cybersecurity measures, incident reporting, and risk management, as well as strategies like Zero Trust and microsegmentation, to build resilience against evolving ransomware threats. Casey stresses the necessity for organizations to stay informed and adapt to emerging threats.
Read the report to learn more and find out how Akamai uses mitigation techniques to reduce risk and strengthen defenses.
About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense-in-depth to safeguard enterprise data and applications everywhere. Akamai's full-stack cloud computing solutions deliver performance and affordability on the world's most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.
Contacts
Public Relations
AkamaiPR@akamai.com
Investor Relations
invrel@akamai.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/extortion-evolves-akamai-soti-report-examines-the-increasing-complexity-of-ransomware-attacks-302515773.html
SOURCE Akamai Technologies
|
|
|
|
|
 |
Identiv Completes Thailand Manufacturing Transition, Unlocking Next-Generation Multicomponent Manufacturing for Advanced IoT Solutions | Jan 22, 2026
|
|
Global Cyber Alliance Identifies Five Cybersecurity Forces That Defined 2025 - And Will Shape 2026 | Jan 22, 2026
|
|
New Report Names States Most Vulnerable to Holiday Scams | Jan 22, 2026
|
|
pgEdge Announces pgEdge Agentic AI Toolkit for Postgres | Jan 22, 2026
|
|
LG ELECTRONICS INTRODUCES 2026 LG GRAM LINEUP ELEVATED BY AEROMINUM | Jan 22, 2026
|
|
Truvista Fiber Acquires SlyTel | Jan 22, 2026
|
|
Android Mobile Adware Surges in Second Half of 2025 | Jan 22, 2026
|
|
Guardz 2025 SMB Cybersecurity Report: Nearly 50% of U.S. Small Businesses Have Been Hit by Cyber Attack | Jan 22, 2026
|
|
Healthcare Industry Executives are Likely to be Personal Targets of Cybercrime | Jan 22, 2026
|
|
Breakthrough Progress: METiS TechBio Publishes Consecutive Research Findings in Nature Communications and the Journal for ImmunoTherapy of Cancer | Jan 22, 2026
|
|
|
