Latest news with #AkamaiStateoftheInternet
Techday NZ
30-07-2025
- Business
- Techday NZ
Quadruple extortion ransomware rises in Asia Pacific region
The Akamai State of the Internet (SOTI) report has identified a shift in ransomware tactics in the Asia Pacific region, with quadruple extortion methods emerging alongside sustained use of double extortion techniques. The report, titled "Ransomware Report 2025: Building Resilience Amid a Volatile Threat Landscape," details how cybercriminals are incorporating an increasingly complex mix of threats and pressure on their victims. While double extortion ransomware, which involves encrypting a victim's data and threatening public release unless ransoms are paid, remains prevalent, the new quadruple extortion methods now include Distributed Denial of Service (DDoS) attacks and pressure exerted on customers, partners or the media to intensify the coercion. Steve Winterfeld, Advisory CISO at Akamai, outlined the expanding risk landscape facing organisations. "Ransomware threats today are not just about encryption anymore. Attackers are using stolen data, public exposure, and service outages to increase the pressure on victims. These methods are turning cyberattacks into full-blown business crises, and are forcing companies to rethink how they prepare and respond." Ransomware accounted for a significant share of total data breaches in Asia Pacific in 2024, with the report warning that organisations must enhance cyberdefence strategies and test resilience capabilities in order to prevent major disruptions. Regional impacts According to the report, groups such as LockBit, BlackCat/ALPHV, and CL0P continue to pose major threats in the region, although newcomers Abyss Locker and Akira are growing in prevalence. These syndicates have prioritised critical sectors, with healthcare and legal services identified as primary targets. High-profile incidents in recent months include the Abyss Locker breach, which resulted in the theft of 1.5TB of sensitive data from Australia's Nursing Home Foundation, and a USD $1.9 million extortion payout by a Singapore-based law firm following an Akira ransomware incident. Emergence of hybrid actors The report notes the growing activity from hybrid ransomware activist groups, some of which leverage ransomware-as-a-service (RaaS) to expand operational reach. Groups such as RansomHub, Play, and Anubis have been implicated in attacks on small and medium-sized enterprises, healthcare organisations, and educational institutions across Asia Pacific. Targets include an Australian in vitro fertilisation clinic and several medical practices affected by these syndicates. Compliance complexity A key theme highlighted is the increasingly complicated compliance landscape facing affected businesses. In Asia Pacific, uneven regulatory maturity and fragmented data protection laws have enabled cybercriminals to exploit gaps and delays in incident response. The report outlines how non-compliance risks differ significantly, citing Singapore's Personal Data Protection Act (PDPA) – with fines up to 10% of annual revenue – compared to potential criminal penalties in India, and the lack of formal financial penalties in Japan. These variations create a patchwork of obligations that multinational firms must navigate whilst managing the onset of a ransomware crisis. Zero Trust and defence strategies The report urges organisations to focus on the adoption of Zero Trust architectures and microsegmentation in order to address the challenges of modern ransomware threats. Case studies include a regional consulting firm in Asia Pacific deploying software-defined microsegmentation, which facilitated restrictive access controls and limited the spread of an attack within its network. Reuben Koh, Director of Security Technology and Strategy, Asia-Pacific & Japan at Akamai, commented on the regional context and the growing expectations on security teams. "Asia-Pacific's digital economy is one of the fastest growing in the world, largely due to its rapid pace of innovation. However, security teams are being challenged to keep up with a frequently expanding attack surface, and Ransomware attacks tend to target those blind spots. Organisations need to re-assess their security posture and double-down in their efforts to be more cyber resilient. Adopting Zero Trust architectures that are centred around verified access and microsegmentation are a good way to minimise the impact of a ransomware attack. Together with regular recovery drills and incident response simulations, these will become core essentials in improving cyber resilience against attacks like ransomware." Global trends On a global scale, the report identifies that the rise of generative artificial intelligence (GenAI) and large language models (LLMs) is accelerating both the frequency and sophistication of ransomware attacks by lowering the technical barriers for attackers. The use of ransomware-as-a-service is also broadening the base of active threat actors, with many campaigns motivated by political or ideological factors as well as financial gain. The research highlights that almost half of the cryptomining attacks analysed targeted nonprofit and educational organisations, indicating resource constraints make these sectors a frequent target. Additionally, the Trickbot malware family, used extensively by ransomware operators, has enabled the extortion of USD $724 million in cryptocurrency from victims globally since 2016.
Yahoo
24-04-2025
- Business
- Yahoo
Akamai Empowers Partners to Deliver Services and Support
Certified partners can now deliver Day-2 Operations Services for Akamai API solutions and technical support for Akamai Guardicore Segmentation environments CAMBRIDGE, Mass., April 24, 2025 /PRNewswire/ -- Akamai Technologies (NASDAQ: AKAM), the cybersecurity and cloud computing company that powers and protects business online, today announced updates to its Security Certified Service Provider programs for API security solutions and for Akamai Guardicore Segmentation. Certified partners can now offer Day-2 Operations Services related to Akamai API security products and solutions, just as they do for Akamai Guardicore Segmentation. Additionally, they can provide Akamai Guardicore Segmentation technical support directly to their customers. According to a recent Akamai State of the Internet (SOTI) report, API attacks come in various forms, including data breaches, abuse, and distributed denial-of-service attacks. In fact, Akamai recorded 108 billion API attacks from January 2023 through June 2024. These attacks can lead to data theft, reputation damage, regulatory fines, and significant financial losses, highlighting the importance of securing APIs. "The enhancements Akamai has made to its Security Certified Service Provider programs enable us to better deliver services directly to our customers, significantly increasing our ability to meet their unique needs and ensure they receive the best possible protection and support," said Florent Houy, Head of Cloud Innovation at Orange Cyberdefense in France. "These partner program updates strengthen our collective capability and Orange Cyberdefense's microsegmentation service offering to secure digital assets, ensure flexibility, meet our customers' expectations, and help our clients stay focused on what matters most: their business." "The channel is the backbone of the cybersecurity industry where everyone wins — technology providers expand their reach, partners grow their business, and customers get the best security solutions tailored to their needs," said Paul Joseph, Executive Vice President, Global Sales and Services at Akamai. "Empowering our partners with the right tools, training, and support is key to driving success. These enhancements to the Akamai channel program position our partners as their customers' trusted security advisor and single point of contact, empowering both partner and customer to accelerate the growth of their business." Ongoing Day-2 Operations Services are essential for maintaining a strong security posture as organizations refine their segmentation and API security strategies. Day-2 Operations Services for API security includes: Operational and management services — Enable partners to maximize their value to customers through hybrid deployments, quarterly business reviews, and API audits and compliance Security incident management services — Allow partners to connect customer API security deployments to their Security Operations Center so partner incident response teams receive detection alerts from Akamai API Security and any other solutions deployed Active testing — Enables customers to identify and remediate API vulnerabilities before they are deployed to production, which can help eliminate risk and save on remediation costs Guardicore Certified Services Partners are now able to provide the full suite of services of the microsegmentation lifecycle from project delivery to 24/7 first-line support to day-2 operations to keep the policy up to date and monitor potential security incidents while maintaining compliance. Akamai Guardicore Segmentation customers now have a choice to use their local certified partners to provide them the entire services suite. Day-2 Operations Services for Akamai Guardicore Segmentation includes: Segmentation administration services — Allow partners to maximize the value of their customer's Akamai Guardicore Segmentation deployment by updating and expanding their implementation Security incident management services — Allow partners to connect their customer's Akamai Guardicore Segmentation deployment to their Security Operations Center and use it to contain threats by preventing lateral movement and isolate infected assets until resolution Audit and compliance services — Allow partners to streamline audit and compliance management by providing a single source of truth about what is communicating in their customer's networks, and enable consistent policy enforcement across their environment Learn more about Akamai's Security Certified Service Provider programs. About Akamai Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense-in-depth to safeguard enterprise data and applications everywhere. Akamai's full-stack cloud computing solutions deliver performance and affordability on the world's most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at and or follow Akamai Technologies on X and LinkedIn. ContactsAkamai PRAkamaiPR@ Investor relationsIR-InvestorRelations@ View original content to download multimedia: SOURCE Akamai Technologies Sign in to access your portfolio
