What's Happening?
Insurance experts have highlighted a significant increase in extortion-only attacks, urging organizations to adopt preventive measures to manage these threats effectively. According to a report by insurer Resilience, 65% of extortion-related claims in the latter
half of 2025 did not involve data encryption, a rise from 49% earlier in the year. The report indicates that data theft, either alone or combined with encryption, accounted for 87% of ransomware claims by the end of 2025. The findings suggest that paying ransoms for data suppression often fails, with 30-40% of stolen data eventually leaked despite payments. The report emphasizes the importance of shifting focus from recovery to prevention, recommending the use of data loss prevention technology and zero trust architectures to mitigate risks.
Why It's Important?
The surge in extortion-only attacks poses a significant threat to organizations, highlighting the need for robust preventive strategies. The report underscores the complexity of ransom payments, which often do not guarantee data suppression, thus marking organizations as future targets. This development stresses the importance of adopting a proactive approach, including legal counsel engagement and incident response planning, to navigate extortion demands effectively. The financial and reputational risks associated with these attacks necessitate a comprehensive understanding of attacker tactics and the implementation of preventive measures to safeguard sensitive data and maintain organizational integrity.
What's Next?
Organizations are advised to prepare for potential extortion scenarios by developing decision frameworks and conducting tabletop exercises to test their readiness. These exercises should involve key stakeholders, including legal and executive teams, to ensure a coordinated response. Additionally, organizations should monitor the long-term financial impacts of extortion incidents, such as regulatory fines and customer churn, to better understand the true cost of these attacks. By prioritizing prevention and preparedness, organizations can enhance their resilience against extortion-only threats and reduce their risk exposure.
