Ransomware Surges as Attempts Spike 146% Amid Aggressive Extortion Tactics
SAN JOSE, Calif., July 29, 2025 (GLOBE NEWSWIRE) -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published its annual Zscaler ThreatLabz 2025 Ransomware Report. The report examines the latest trends shaping the ransomware threat landscape, revealing how attacks are adapting and escalating. It highlights the most targeted sectors and regions, profiles the most active ransomware families, analyzes shifting attack methodologies, and provides actionable recommendations to help organizations strengthen their defenses. ThreatLabz's findings underscore the critical importance of organizations adopting a comprehensive Zero Trust Everywhere strategy. This approach is essential to prevent ransomware and other malicious threats from lateral movement and compromising sensitive user data, applications, and information.
'Ransomware tactics continue to evolve, with the growing shift toward extortion over encryption as a clear example,' said Deepen Desai, EVP Cybersecurity, Zscaler. 'GenAI is also increasingly becoming part of the ransomware threat actor's playbook, enabling more targeted and efficient attacks. As threats advance, security measures must keep pace. The Zscaler Zero Trust Exchange™ platform empowers organizations to shrink their attack surface, identify and block initial compromise threats, prevent lateral movement, and stop data exfiltration to shut down extortion events before they happen.'
Data Demand Fuels Steady Attack Growth
Ransomware attacks are intensifying at an alarming rate, with attempted attacks blocked in the Zscaler cloud up 146% year-over-year. This escalation reflects a strategic shift: ransomware groups are increasingly prioritizing extortion over encryption. Accordingly, the report details a 92% increase in the total volume of exfiltrated data by 10 major ransomware groups in the past year, rising from 123 TB to 238 TB. This emphasis on data theft—and the threat of exposure—allows attackers to exert greater pressure on victims, amplifying the impact of ransomware on organizations globally.
Industries Under Siege
Cybercriminals continue to focus on the high-stakes environments of the Manufacturing (1,063 attacks), Technology (922), and Healthcare (672) sectors, making them the most frequently hit by ransomware over the past year. These industries are particularly vulnerable due to the potential for operational disruption, the sensitivity of stolen data, and the associated risks of reputational damage and regulatory fallout.
The Oil & Gas sector has seen a staggering increase in ransomware attacks, spiking over 900% year-over-year. This surge is likely a result of increased automation of systems that control critical infrastructure, including drilling rigs and pipelines, expanding the sector's attack surface, coupled with outdated security practices.
United States Is the Target of Half of All Ransomware Attacks
Leak site data highlights a distinct geographic disparity, with victims in the United States accounting for 50% of ransomware attacks, significantly outpacing Canada (5%) and the United Kingdom (4%). Ransomware attacks in the U.S. more than doubled to 3,671, exceeding the combined total number of attacks reported across all other countries in the top 15 most-targeted countries. This concentration demonstrates how threat actors continue to strategically target digitally concentrated, high-value economies.
Ransomware Groups Driving the Surge
Several highly active groups continued to dominate the ransomware ecosystem, with RansomHub leading the pack, claiming the highest number of publicly named victims at 833. Akira and Clop have both moved up in the ransomware attack rankings since last year. Akira, associated with 520 victims, has steadily expanded its reach through numerous affiliates and initial access brokers. Clop, known for its focus on supply chain attacks, is close behind with 488 victims, employing an effective strategy of exploiting vulnerabilities in commonly used third-party software.
Zscaler ThreatLabz identified 34 newly active ransomware families over the past year, bringing the total number tracked to 425 since their research began, and has a public GitHub repository that now hosts 1,018 ransomware notes, with 73 added in the last year.
How Zscaler Stops Ransomware with Zero Trust + AI
Ransomware flourishes in environments with fragmented security, limited visibility, implicit trust, and outdated legacy architectures that amplify risk rather than reduce it. The Zscaler Zero Trust Exchange mitigates these risks by replacing traditional, network-centric models with a cloud-native, AI-driven zero trust architecture, and stops ransomware at every stage of the attack life cycle by:
Additional AI-powered ransomware protections from Zscaler include:
Download the Report
Get the full ThreatLabz 2025 Ransomware Report to explore how Zscaler ThreatLabz plays an active role in protecting enterprises worldwide. Download today.
Research Methodology
The research methodology for this report is a comprehensive process that uses multiple data sources to identify and track ransomware trends. The ThreatLabz team collected data between April 2024 and April 2025 from sources including the Zscaler global security cloud, and the team's own analysis of ransomware samples and attack data.
About ThreatLabz
ThreatLabz is the security research arm of Zscaler. This world-class team is responsible for hunting new threats and ensuring that the thousands of organizations using the global Zscaler platform are always protected. In addition to malware research and behavioral analysis, team members are involved in the research and development of new prototype modules for advanced threat protection on the Zscaler platform, and regularly conduct internal security audits to ensure that Zscaler products and infrastructure meet security compliance standards. ThreatLabz regularly publishes in-depth analyses of new and emerging threats on its portal, research.zscaler.com.
About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 160 data centers globally, the SASE-based Zero Trust Exchange is the world's largest in-line cloud security platform.
Media Contact:
Nick Gonzalez
[email protected]
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/b92c9822-3941-45ec-8aa1-87defcd57281
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
28 minutes ago
- Yahoo
Sidus Space, Inc. (SIDU) Announces Closing of Public Offering
Sidus Space, Inc. (NASDAQ:SIDU) is among the 10 Best Low Priced Defense Stocks to Buy Now, based on hedge fund sentiment. On July 29, the company announced the closing of its public offering of 7,143,000 shares of its Class A common stock. A satellite in the night sky, glimmering with the promise of aerospace exploration. Each share was sold at a public offering price of $1.05 for gross proceeds of around $7.5 million, before deducting offering expenses and the placement agent's fees. Sidus Space, Inc. (NASDAQ:SIDU) intends to use the net proceeds for operational costs, sales and marketing, product development, manufacturing expansion, working capital, and other corporate purposes. CEO Carol Craig said the offering, coupled with the recent launch of dual-use Fortis VPX product line with integrated AI/ML processing, positions the company well to focus on growth opportunities ahead. Adarsh Parekh, the firm's CFO, believes the additional capital will strengthen the company's liquidity and aid in strategy execution and high-growth initiatives. Sidus Space, Inc. (NASDAQ:SIDU) is engaged in the design, manufacture, launch, and data collection of satellites. It serves the aerospace, commercial space, and defense industries. While we acknowledge the potential of SIDU as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock. READ NEXT: 10 Best Aerospace Stocks to Buy Now and 13 Best Global Stocks to Buy Right Now. Disclosure: None. Erreur lors de la récupération des données Connectez-vous pour accéder à votre portefeuille Erreur lors de la récupération des données Erreur lors de la récupération des données Erreur lors de la récupération des données Erreur lors de la récupération des données
Yahoo
28 minutes ago
- Yahoo
US government turmoil stalls thousands of export approvals, sources say
By Karen Freifeld and Alexandra Alper (Reuters) -Thousands of license applications by U.S. companies to export goods and technology around the globe, including to China, are in limbo because turmoil at the agency in charge of approving them has left it nearly paralyzed, two sources said. While U.S. Commerce Secretary Howard Lutnick has become a familiar face touting President Donald Trump's tariff and trade deals, sources said the export bureau under Lutnick's command has failed to issue expected new rules, stifled communications with industry representatives, pushed out experts, and lost staff through buyouts and resignations. Shipments of artificial intelligence chips from Nvidia to China are the most high-profile example of licenses not being swiftly approved. The company said July 14 the government assured it licenses would be granted for its H20 chip, and it hoped to start deliveries soon. Lutnick and other officials confirmed sales would be allowed. But sources said this week no licenses have yet been issued, and billions of dollars of AI chip orders are at stake. One U.S. official said the backlog of license applications is the lengthiest in more than three decades. A spokesperson for Nvidia declined to comment. The Department of Commerce did not respond to a request for comment. The turmoil and resulting inaction at an agency tasked with promoting overseas trade and safeguarding American technology are alarming both those seeking tougher restrictions on exports to China and companies trying to sell their wares abroad. 'Licensing is how the U.S. does business and competes globally,' said Meghan Harris, who served on the National Security Council in the first Trump administration and has worked at Commerce. "Delays and unpredictability put us at an unnecessary disadvantage." The Commerce Department's Bureau of Industry and Security averaged 38 days per export license application in fiscal year 2023, the most recent data available, denying 2% of 37,943 applications. The license process enforces U.S. export restrictions in an effort to make sure sensitive goods and technology do not reach countries or entities whose use of the items could harm U.S. national security. Some staff have criticized Jeffrey Kessler, who became BIS undersecretary in March, saying he has micromanaged the bureau and failed to communicate adequately. Kessler did not respond to a request for comment. At a staff meeting soon after he took office, Kessler urged BIS staff to limit communications with company representatives and industry officials, according to two additional sources, who said he later asked for all meetings to be entered on a spreadsheet. Getting approval from Kessler's office to attend meetings with other government agencies has also been tricky, those sources said. Sources spoke anonymously because they were not authorized to speak publicly. FRUSTRATION AMONG EXPORTERS Frustration is growing within U.S. industry. 'We're seeing whole sectors where there is no movement or indication if or when licenses will be issued," including license applications for semiconductor manufacturing equipment worth billions of dollars, said Sean Stein, president of the US-China Business Council. While the clock is ticking on license applications, 'Chinese companies are exploring and doing deals with suppliers in China and other countries,' he said. 'The longer we have the delay, the more market share we're going to lose." Jim Anzalone, president of Compliance Assurance, a Florida-based trade consultancy, said he has seen delays in license approvals for sensors, radars, and sonar to Latin America and other parts of the world. 'There's nothing official about what the policy is and when the backlog would be cleared,' he said. He has received denials sporadically after submitting some two dozen applications months ago to export semiconductor manufacturing equipment to China, including four denials on Wednesday, he added. Sources stressed that some licenses are getting approved, especially exports to allied countries, and they noted that some communication with companies continues, especially around license applications. Commerce is also delaying regulatory changes. The agency said in May it would rescind and replace a Biden administration rule before it went into effect that month restricting where AI chips can be exported, but the agency has not done so yet. Other rules, which sources said have been drafted for months, have not been published, including one to expand export restrictions to subsidiaries of companies already banned from receiving controlled U.S. exports. Meanwhile, important staff vacancies such as China-based export control officers have not been filled, and high-level career employees have resigned. A retirement party was held this week for Dan Clutch, acting director of the BIS Office of Export Enforcement, the latest experienced staff member to leave. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
28 minutes ago
- Yahoo
Microsoft Corporation (MSFT) Restructures Workforce to Power $80B AI Investment
We recently compiled a list of the Microsoft Corporation tops our list. Microsoft Corporation (NASDAQ:MSFT), a global tech leader based in Redmond, Washington, is undergoing strategic restructuring as it intensifies investment in artificial intelligence, and it tops our list for being one of the best strong buy stocks. In July 2025, the company announced the layoff of around 9,000 employees, nearly 4% of its global workforce, as part of cost-control efforts tied to a record $80 billion capital expenditure for fiscal 2025, largely focused on AI infrastructure. The cuts affect various departments, including sales and the King gaming division. The business is also streamlining its organizational structure by reducing management layers and simplifying product lines to enhance agility and innovation. Despite these workforce reductions, Microsoft Corporation (NASDAQ:MSFT), is accelerating AI integration across its product ecosystem. The company recently launched 'Copilot Mode' in its Edge browser, an AI-enhanced tool that analyzes multiple tabs and delegates tasks to improve productivity. Microsoft Research is also advancing large language models (LLMs) to handle more complex reasoning, reinforcing its commitment to AI leadership. drserg / In addition to product innovation, the business is expanding its global partnerships and environmental efforts. Its collaboration with Nvidia aims to apply AI in biodiversity research, while a new research lab in Singapore focuses on advancing innovation in the Asia-Pacific region. While we acknowledge the potential of GOOGL as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock. READ NEXT: The Best and Worst Dow Stocks for the Next 12 Months and 10 Unstoppable Stocks That Could Double Your Money. Disclosure: None. Sign in to access your portfolio
