Extortion Evolves: Akamai SOTI Report Examines the Increasing Complexity of Ransomware Attacks
New report explores the tactics, techniques, and procedures attackers use and the fallout for organizations
According to the new Akamai State of the Internet (SOTI) report, Ransomware Report 2025: Building Resilience Amid a Volatile Threat Landscape, the emerging trend of quadruple extortion includes using distributed denial-of-service (DDoS) attacks to disrupt business operations and harassing third parties — like customers, partners, and media — to increase the pressure on the victim. It builds on double extortion ransomware in which attackers simply encrypt a victim's data and threaten to leak it publicly if the ransom isn't paid.
"Ransomware threats today aren't just about encryption anymore," said
Other key findings from the report include:
- GenAI and large language models (LLMs) are helping to increase the frequency and scale of ransomware attacks by making it easier for individuals with less technical expertise to launch sophisticated campaigns. These individuals and groups use LLMs to write ransomware code and improve their social engineering tactics.
-
Hacktivist/ransomware hybrid groups are increasingly using ransomware as a service (RaaS) platforms to amplify their impact, driven by a mix of political, ideological, and financial motives. These groups have evolved from previous hacktivist organizations; for example,
Dragon RaaS emerged in 2024 as an offshoot of Stormous, shifting its focus from targeting major corporations to smaller organizations with weaker security. - Cryptominers pose their own unique danger, but their goals and the strategies they employ are similar to those of ransomware groups. Akamai researchers found that nearly half the cryptomining attacks they analyzed targeted nonprofit and educational organizations, likely because of a lack of resources within these industries.
-
The TrickBot malware family, used by ransomware groups globally, has extorted more than
US$724 million in cryptocurrency from victims since 2016. The Akamai Guardicore Hunt Team recently spotted this malware family linked to four suspicious scheduled tasks on five customers' systems.
The report also features an analysis of the current state of legal and regulatory efforts that affect how organizations respond to ransomware. Akamai Vice President and Chief Privacy Officer
Read the report to learn more and find out how Akamai uses mitigation techniques to reduce risk and strengthen defenses.
About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense-in-depth to safeguard enterprise data and applications everywhere. Akamai's full-stack cloud computing solutions deliver performance and affordability on the world's most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow
Contacts
Public Relations
AkamaiPR@akamai.com
Investor Relations
invrel@akamai.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/extortion-evolves-akamai-soti-report-examines-the-increasing-complexity-of-ransomware-attacks-302515773.html
SOURCE
