《赛门铁克（Symantec）：2025年勒索软件威胁态势白皮书：韧性且持续（英文版）（23页）.pdf》由会员分享，可在线阅读，更多相关《赛门铁克（Symantec）：2025年勒索软件威胁态势白皮书：韧性且持续（英文版）（23页）.pdf（23页珍藏版）》请在三个皮匠报告上搜索。

1、WHITE PAPERRansomware 2025:A Resilient and Persistent ThreatAn Analysis fromthe SymantecThreat Hunter TeamWHITE PAPERIntroductionDuring 2024,ransomware continued to be the most potent cyber crime threat affecting enterprises worldwide.Ransomware remains the most lucrative form of attack for financia

2、lly motivated actors,with a highly successful business model that has been honed over time and a large,growing ecosystem of specialist actors that is capable of withstanding periodic shocks and disruption.In terms of financial return,no other threat is as consistently successful for attackers.Deploy

3、ing strong encryption across entire networks creates maximum disruption for targeted organizations.The development of so-called double extortion attacks,where attackers steal data prior to encryption and threaten to publish it on the dark web,creates an additional pain point for victims and ensures

4、that attackers still have leverage over victims who are well prepared and can restore systems from back-up.Attackers have also experimented with triple extortion attacks,where a distributed denial-of-service attack is launched against the victim if they dont pay promptly.The advent of ransomware-as-

5、a-service(RaaS)has not only made a major contribution to the volume of attacks,but it has also made the ransomware ecosystem more durable and capable of weathering disruption.RaaS was originally created as a means to allow ransomware operators to scale.A typical ransomware attack involving mass encr

6、yption of machines and data theft is a complex,multi-stage process involving an array of tools and usually a significant amount of hands-on-keyboard activity on the part of the attackers.This limited the number of attacks ransomware operators were able to perform.By franchising their tools and infra