Data at Risk: 96% of Ransomware Attacks Involve Data Theft

Stu Sjouwerman | Mar 6, 2025

A new report from Arctic Wolf has found that 96% of ransomware attacks now involve data theft as criminals seek to force victims to pay up.

“As potential victims implemented more reliable backup and restoration processes, ransomware operators introduced data exfiltration as a means to apply additional pressure and protect their revenue streams,” Arctic Wolf says.

The researchers note that even if the victim pays the ransom, there’s no way to guarantee that the threat actor won’t store the stolen data for future use or sell it discreetly on the underground market.

The report also found that organizations in the finance and insurance sector are being bombarded by business email compromise (BEC) attacks.

“The finance and insurance industry accounted for 26.5% of BEC IR cases, roughly double the second-place industry (legal and government, at 13.3%),” the report says. “In fact, BEC accounted for 53% of IR cases pertaining to finance and insurance — the only industry for which BEC outnumbered ransomware. Clearly, organizations that regularly exchange money and process payment details over email are in the crosshairs of BEC attacks.”

Arctic Wolf notes that BEC attacks are fueled by social engineering, which allows attackers to bypass technical security measures.

“Phishing offers the path of least resistance in the BEC context, as a well-crafted email can trick a victim into performing actions that benefit the attacker — whether directly fulfilling the goal (e.g., transferring funds) or executing an intermediary step (e.g., providing credentials that the attacker can subsequently abuse),” the researchers write.

“But note, also, the significant contribution of previously compromised account/credentials. These are cases in which a threat actor stole, bought, or found credentials and used these to log in to some application or system within the IT environment. In some cases, they simply logged in to the email service itself.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Arctic Wolf has the story.

Ransomware Simulator

Free downloadable software tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

RanSim gives you a quick look at the effectiveness of your existing network protection. RanSim will test 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!
