DIGITAL LIFE
Ahead of Anti-Ransomware Day, which is celebrated on May 12, experts at Check Point Software warn of the constant evolution of this threat, which has become increasingly strategic, aggressive and technologically sophisticated over time.
In 2017, WannaCry shook the world. In just a few days, the ransomware wreaked havoc on computer systems, affecting hundreds of companies and entities, causing hospitals in the United Kingdom to collapse and paralyzing factories and critical services on several continents. It is estimated that more than 200,000 Windows computers were affected, with losses in the order of billions of dollars.
As experts at Check Point Software point out, WannaCry was a turning point, but in light of what is happening in 2025, it seems like just the prologue to a threat that has become more strategic, more aggressive and technologically more sophisticated.
The year is not even half over, but researchers at the cybersecurity company are already considering it the most dangerous ever in terms of ransomware attacks. In the first three months of 2025 alone, 2,289 more ransomware victims were identified, an increase of 126% compared to the previous year.
According to the latest edition of Check Point's annual ransomware report, the United States remains the country most affected by this threat, with 50.2% of cases. India saw a 38% increase, driven by accelerated digitalization and gaps in cybersecurity infrastructure. The sectors most impacted include business services, manufacturing and retail, described as operationally critical and often poorly prepared areas. The evolution of this threat is marked by constant reinvention. Today, ransomware is more than just a simple lock-and-ransom malware, but has become a multi-stage extortion operation. For example, the Cl0p group, considered one of the most active, has almost completely abandoned file encryption, focusing instead on pure extortion based on stolen data.
With the emergence of triple extortion models, which combine DDoS attacks, public exposure of data and direct contact with victims’ customers or partners, cybercriminals are now aiming to increase the psychological and financial pressure. In addition, with the popularization of Ransomware-as-a-Service (RaaS) models, cybercrime has become accessible, automated and profitable.
Last year, 46 new ransomware groups emerged, a 48% growth driven by pre-configured kits, affiliate programs and even “customer” support services. Among the most active groups is RansomHub, responsible for 531 known attacks.
In 2025, AI will also become part of the cybercriminals' arsenal, enabling them to launch highly personalized phishing campaigns, malware developed using automatic code generation tools, or deepfakes in cases of corporate email fraud (BEC).
"We are witnessing the ransomware industrial revolution," says Sergey Shykevich, head of the threat intelligence group at Check Point, quoted in a press release. "AI makes it possible to personalize, launch and scale attacks with unprecedented ease, and the impact is not only technical, but also operational, financial and reputational," he highlights.
mundophone
No comments:
Post a Comment