This e-book distills five key trends from the 2025 Unit 42 Global Incident Response Report, based on our direct experience responding to over 500 realworld cyberattacks across 38 countries in 2024.

Download whitepaper:

A proactive and robust cybersecurity approach is essential to safeguard critical assets, preserve business continuity, and maintain resilience.

We’ ll give CISOs and their teams actionable recommendations to navigate this complex landscape with confidence.

We are now experiencing a“ third wave” of extortion: intentional operational disruption. Attackers are moving beyond data theft or encryption to prioritize sabotaging systems and forcing prolonged downtime. Attacks are accelerating at unprecedented speed, with nearly one in five exfiltrations occurring within the first hour, assisted by automation and generative AI.

As always, Unit 42 is your strategic partner – providing incident response, threat intelligence, and proactive and managed services to help you build and maintain a secure ecosystem where your business can thrive.

TREND 1 Intentional operational disruption

In 2024, we observed threat actors augmenting traditional ransomware attacks with tactics specifically to disrupt business operations. This marks a new wave of extortion and goes beyond typical encryption and data exfiltration tactics. By disrupting systems, locking customers out, and forcing prolonged downtime, attackers sought to maximize their leverage in negotiating a ransomware payment.

Incidents that disrupted business operations saw a big jump in the median initial extortion demand. It went up 80 % from the previous year, from $ 695,000 in 2023 to $ 1.25 million in 2024.

PRESENTED BY

22 WWW. INTELLIGENTCISO. COM