New Research: Ransomware Data Extortion Skyrocketing

Stu Sjouwerman | Feb 14, 2025

Warn of RansomwareData theft extortion attacks increased by 46% in the fourth quarter of 2024, according to a new report from Nuspire.

These incidents have become a routine part of ransomware attacks, since the threat of a data breach puts additional pressure on victims to pay the ransom.

Ransomware gangs published stolen data on leak sites more than 2,200 times during Q4 2024. The finance and insurance industry saw the sharpest rise in data theft extortion last quarter.

The Finance & Insurance industry faces significant challenges in combating ransomware attacks due to its high-value data, complex systems, and stringent regulatory requirements, which can create process complexities,” Nuspire explains.

“Financial institutions are prime targets for attackers seeking large payouts or access to sensitive customer information such as PII and financial records. Threat actors often use techniques like double extortion, encrypting data while threatening to leak it publicly. Additionally, ransomware attacks can severely disrupt critical operations such as payment processing and customer account management, leading to costly downtime and reputational  damage.”

Since ransomware attacks frequently begin with a phishing attack, Nuspire recommends that organizations implement security awareness training as a layer of defense against these threats.

“User awareness is one of the most powerful and cost-effective ways to defend your organization from a cyberattack,” the report says. “Educate your end users on how to identify suspicious attachments, social engineering, and scams in circulation. Inform them of common theming, including any major events that could be created into a phishing lure.

Create procedures to verify sensitive business email requests (especially ones involving financial transactions) with a separate form of authentication in case an email account becomes compromised or is spoofed. Often, once an attacker has compromised an email account, they will use the account as an additional layer of ‘authenticity’ to attack within an organization.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Nuspire has the story.

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.