{"id":959,"date":"2025-12-08T19:43:57","date_gmt":"2025-12-08T17:43:57","guid":{"rendered":"https:\/\/www.cloudtango.net\/blog\/?p=959"},"modified":"2025-12-08T19:43:57","modified_gmt":"2025-12-08T17:43:57","slug":"adapting-to-the-new-age-of-ai-powered-cyber-threats","status":"publish","type":"post","link":"https:\/\/www.cloudtango.net\/blog\/2025\/12\/08\/adapting-to-the-new-age-of-ai-powered-cyber-threats\/","title":{"rendered":"Adapting to the New Age of AI-Powered Cyber Threats"},"content":{"rendered":"<p><span data-contrast=\"auto\">When you\u00a0log in to your computer on\u00a0a Monday\u00a0morning and\u00a0see that ransomware screen demanding payment,\u00a0you should realize that\u00a0the attack\u00a0didn\u2019t\u00a0start that weekend. As Net at Work CISO Michael Powell explains, \u201cTo stage an attack, it\u2019s not uncommon for a threat actor to have been in the environment up to 90 days.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">For\u00a0weeks or\u00a0months, threat actors\u00a0may\u00a0have been cataloging your data and exfiltrating files. With\u00a0<\/span><a title=\"Ransomware trends\" href=\"https:\/\/www.techtarget.com\/searchsecurity\/feature\/Ransomware-trends-statistics-and-facts?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">U.S. ransomware attacks up 149% year-over-year<\/span><\/a><span data-contrast=\"auto\">\u00a0as of\u00a0early 2025, understanding how these attacks work has never been more critical.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Most attacks follow predictable patterns. Once you understand the playbook, you can build defenses that work.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">In this article you will learn:<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li><span data-contrast=\"auto\">Why even well-funded cybersecurity efforts struggle to keep pace with evolving threats<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">How the \u201cdouble extortion\u201d ransomware model puts organizations at risk even with backups<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Why AI has made business email compromise\u00a0nearly impossible\u00a0to detect<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Simple defensive strategies that dramatically improve security posture<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">How to evaluate readiness and find the right security partners<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<h2><b><span data-contrast=\"auto\">Why This Keeps Happening<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">\u201cWhy is it hard? Why are we still trying to solve this\u00a0problem?\u201d\u00a0Powell asks. His answer: \u201cWe\u2019re effectively in an arms race.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Organizations invest heavily and close vulnerabilities. Yet as one gap closes, attackers adapt.\u00a0<\/span><a title=\"cyber attacks\" href=\"https:\/\/blog.checkpoint.com\/research\/q1-2025-global-cyber-attack-report-from-check-point-software-an-almost-50-surge-in-cyber-threats-worldwide-with-a-rise-of-126-in-ransomware-attacks\/?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Cyber attacks per organization increased 47% in Q1 2025<\/span><\/a><span data-contrast=\"auto\">, reaching 1,925 weekly attacks on average.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The\u00a0real challenge\u00a0is asymmetry. Powell explains, \u201cThere could be more people trying to attack your organization than you have to play defense.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">The Ransomware Reality<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">During the\u00a030-90 day\u00a0reconnaissance phase, attackers\u00a0aren\u2019t\u00a0randomly grabbing files. \u201cThey pull a file listing and then based on the file names and the file structures,\u00a0they\u00a0go for the information that they think is pertinent,\u201d Powell explains. They systematically\u00a0identify\u00a0personally identifiable information, financial records, and commercially sensitive data,\u00a0then slowly exfiltrate copies.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">When\u00a0attackers are\u00a0ready to strike, timing matters. \u201cWe often see spikes around weekends, around evenings, around holidays.\u201d Powell notes, \u201cThis is because reconnaissance and encryption take time.\u201d They choose moments when\u00a0you\u2019re\u00a0least likely to respond quickly.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">The Double Threat<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Even with robust backups, you face what Powell calls the \u201cdouble extortion threat.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">\u201cYour data is encrypted,\u00a0and\u00a0you need to decrypt it to continue\u00a0to do\u00a0business,\u201d he explains. \u201cBut\u00a0the threat actor knows these days people put reasonable technology controls in place.\u00a0They\u2019re\u00a0betting you have backups, so they add a second pressure point: pay up, or we leak everything.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The consequences go beyond embarrassment. Depending on your location and the data involved, you may face legal obligations to notify affected individuals. The\u00a0<\/span><a title=\"Ransomware stats\" href=\"https:\/\/spacelift.io\/blog\/ransomware-statistics?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">average ransom demand in 2024 was $4.32 million<\/span><\/a><span data-contrast=\"auto\">, but legal costs and reputational damage can dwarf that figure.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/www.fortinet.com\/resources\/cyberglossary\/ransomware-statistics?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Nearly one in five small businesses that suffered a cyberattack filed for bankruptcy or closed<\/span><\/a><span data-contrast=\"auto\">. This\u00a0isn\u2019t\u00a0an IT problem;\u00a0it\u2019s\u00a0a\u00a0serious\u00a0business survival issue.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">How AI Changed Business Email Compromise<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">While ransomware grabs headlines,\u00a0business\u00a0email\u00a0compromise\u00a0(BEC)\u00a0operates\u00a0quietly\u00a0and is equally devastating.\u00a0<\/span><a title=\"email threat trends\" href=\"https:\/\/www.thesslstore.com\/blog\/business-email-compromise-statistics\/?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">BEC was the second-costliest cybercrime in 2023, with nearly\u00a0$3 billion\u00a0in losses<\/span><\/a><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">AI has fundamentally transformed the threat. Attackers\u00a0<a href=\"https:\/\/www.netatwork.com\/email-security-strategy-why-automated-security-awareness-training-is-critical\/?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\">compromise an email account<\/a>\u00a0and download sent items. Previously, analyzing that\u00a0information manually\u00a0took time. Now? \u201cYou download that information, you throw it into AI,\u00a0and then you can ask it questions,\u201d Powell explains.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The AI builds a complete profile and generates emails that perfectly mimic executives\u2019 communication. \u201cWhere we used to be able to spot those emails with relative ease,\u201d Powell says, \u201cAI helps the threat actor be a lot more convincing with very little additional work.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">With\u00a0<\/span><a title=\"email threat stats\" href=\"https:\/\/hoxhunt.com\/blog\/business-email-compromise-statistics?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">73% of reported cyber incidents in 2024 being BEC attacks<\/span><\/a><span data-contrast=\"auto\">, and\u00a0<\/span><a title=\"business email compromise\" href=\"https:\/\/blog.lastpass.com\/posts\/business-email-compromise?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">organizations with 1,000+ employees facing a 70% weekly probability of at least one BEC attack<\/span><\/a><span data-contrast=\"auto\">, this demands constant vigilance.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">Your People: Vulnerability and Solution<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">\u201cMost of the compromises we see occur because a person takes an action,\u201d Powell says. \u201cBut they\u2019re rarely doing it with malicious intent.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Most breaches happen because employees respond to what appears urgent. \u201cPretty much every phishing test I have ever been a part of, at least one person has clicked\u00a0the email,\u00a0and you only need one.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The solution\u00a0lies in\u00a0changing the culture around reporting threats rather than\u00a0carrying out punishments. \u201cPeople shouldn\u2019t feel\u00a0that if they raise a security threat, the IT team is going to pounce on them,\u201d Powell emphasizes.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">\u201cEvery person is a sensor,\u201d Powell explains. Train people to recognize what normal looks like, then empower them to speak up. Modern training uses gamification: You click something,\u00a0and then\u00a0there\u2019s just-in-time training that shows you why that was good,\u00a0or\u00a0why that was bad.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">Building Defenses That Work<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Effective defense requires layered approaches\u00a0that\u00a0create\u00a0multiple \u201ctripwires.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">\u201cThe more visibility you have, the more chances you\u2019ve got of spotting an anomaly,\u201d Powell explains. Each layer, including\u00a0endpoint detection, email security, patching, backups, network segmentation,\u00a0increases the likelihood\u00a0you\u2019ll\u00a0catch attacks before they succeed.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">But technology alone\u00a0isn\u2019t\u00a0enough. Organizations need clear procedures. Powell shares\u00a0an example of\u00a0a company with excellent\u00a0technology\u00a0but no response plan: \u201cPerson A looks at person\u00a0B,\u00a0they don\u2019t know who\u2019s responsible. Can we turn the system off? We don\u2019t know who\u00a0approves\u00a0that.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">His advice: \u201cIf you don\u2019t know\u00a0who to inform in case of a breach, find out.\u201d Conduct tabletop exercises revealing gaps. \u201cHave people sit around a table and\u00a0practice what they would do if a ransomware email came in.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">Where to Start<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Powell offers a straightforward evaluation framework:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li><b><span data-contrast=\"auto\">Evaluate what you have.<\/span><\/b><span data-contrast=\"auto\">\u00a0\u201cThere are so many times I\u2019ve gone into an organization where they\u2019re paying for something, but they\u2019re using less than 10% of it.\u201d Understand current capabilities before buying\u00a0new solutions.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Define risk tolerance.<\/span><\/b><span data-contrast=\"auto\">\u00a0What\u2019s acceptable downtime for different systems? Document thresholds in advance.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Conduct regular audits.<\/span><\/b><span data-contrast=\"auto\">\u00a0Most insurance carriers\u00a0require\u00a0annual assessments and often help with scanning.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Leverage available\u00a0expertise.<\/span><\/b><span data-contrast=\"auto\">\u00a0Your insurance company often provides guidance. If working with technology providers, understand what\u00a0expertise\u00a0they have that they could bring to bear\u00a0in the event of\u00a0an incident.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Consider cybersecurity as a service.<\/span><\/b><span data-contrast=\"auto\">\u00a0For many businesses,\u00a0working\u00a0with a managed security service provider offers specialized skills without building an in-house team. \u201cWhat they\u2019re effectively doing\u00a0is delivering\u00a0the speed,\u00a0delivering\u00a0the skills\u00a0and\u00a0reducing\u00a0the cost,\u201d Powell explains.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">When evaluating providers, Powell emphasizes fit over features: \u201cLook for the one that suits your business and your processes.\u201d\u00a0And be sure to verify responsiveness:\u00a0\u201cThere\u2019s nothing worse than receiving\u00a0a\u00a0ransomware attempt on a Friday night and then realizing that the partner says\u00a0they\u2019ll\u00a0deal with it Monday morning.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">And be sure to check\u00a0references. \u201cTry to find an organization they\u2019ve worked with and talk to that organization. When you\u2019re buying into cybersecurity as a service, you\u2019re buying into trust.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">Moving Forward with Confidence<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Understanding that attacks follow patterns, defenses can be layered effectively, and preparation dramatically improves outcomes\u00a0will\u00a0put you in a stronger position. With\u00a0<\/span><a title=\"Ransomware trends\" href=\"https:\/\/unit42.paloaltonetworks.com\/2025-ransomware-extortion-trends\/?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">86% of cyber incidents involving business disruption<\/span><\/a><span data-contrast=\"auto\">, the question\u00a0isn\u2019t\u00a0whether to invest in security, but how to invest wisely.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">Take the Next Step<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Net at Work helps organizations build resilient security strategies that balance protection with practical business needs.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">For a limited time,\u00a0we\u2019re\u00a0offering complimentary assessments:<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li><b><span data-contrast=\"auto\">IT Infrastructure Assessment<\/span><\/b><span data-contrast=\"auto\">: Comprehensive evaluation\u00a0identifying\u00a0vulnerabilities and opportunities<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Email Security Assessment<\/span><\/b><span data-contrast=\"auto\">: In-depth analysis of your email security posture\u2014the primary attack vector for both ransomware and BEC<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Don\u2019t\u00a0wait for a breach to discover where your defenses fall short. Contact Net at Work today to schedule your assessment and start building security that protects your business without compromising operations.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Ready to strengthen your security?\u00a0<\/span><\/b><a title=\"Net at Work\" href=\"https:\/\/www.netatwork.com\/?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><b><span data-contrast=\"none\">Contact Net at Work<\/span><\/b><\/a><b><span data-contrast=\"auto\">\u00a0to\u00a0claim your complimentary assessments and speak with experts who understand your challenges.<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><b><span data-contrast=\"auto\">Key Takeaways<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<ul>\n<li><b><span data-contrast=\"auto\">Understand the timeline:<\/span><\/b><span data-contrast=\"auto\">\u00a0Ransomware attacks involve 30-90 days\u00a0of reconnaissance before encryption. Early detection is everything.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Prepare for double extortion:<\/span><\/b><span data-contrast=\"auto\">\u00a0Even with backups, data leaks trigger legal obligations and reputational damage.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Take AI seriously:<\/span><\/b><span data-contrast=\"auto\">\u00a0BEC attacks now use AI to perfectly mimic writing styles, making traditional detection\u00a0nearly impossible.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Build culture, not just controls:<\/span><\/b><span data-contrast=\"auto\">\u00a0Encourage reporting without punishment. Every employee is a sensor who can spot anomalies.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Layer your defenses:<\/span><\/b><span data-contrast=\"auto\">\u00a0Multiple security controls create \u201ctripwires\u201d that increase chances of catching attacks early.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Rehearse your response:<\/span><\/b><span data-contrast=\"auto\">\u00a0Tabletop exercises reveal gaps and build muscle memory for critical decisions.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Leverage external\u00a0expertise:<\/span><\/b><span data-contrast=\"auto\">\u00a0Insurance carriers and managed security providers offer prohibitively expensive skills and resources.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<h2><span data-ccp-props=\"{}\">\u00a0<\/span><b><span data-contrast=\"auto\">Sources<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h2>\n<ol>\n<li><span data-contrast=\"auto\">TechTarget, \u201c<\/span><a title=\"Ransomware trends\" href=\"https:\/\/www.techtarget.com\/searchsecurity\/feature\/Ransomware-trends-statistics-and-facts?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Ransomware trends, statistics and facts<\/span><\/a><span data-contrast=\"auto\">,\u201d 2025.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Check Point Research, \u201c<\/span><a title=\"Ransomware attacks\" href=\"https:\/\/blog.checkpoint.com\/research\/q1-2025-global-cyber-attack-report-from-check-point-software-an-almost-50-surge-in-cyber-threats-worldwide-with-a-rise-of-126-in-ransomware-attacks\/?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Q1 2025 Global Cyber Attack Report<\/span><\/a><span data-contrast=\"auto\">,\u201d May 2025.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Spacelift, \u201c<\/span><a title=\"Ransomware stats\" href=\"https:\/\/spacelift.io\/blog\/ransomware-statistics?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">50+ Ransomware Statistics for 2025<\/span><\/a><span data-contrast=\"auto\">,\u201d July 2025.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Fortinet, \u201c<\/span><a href=\"https:\/\/www.fortinet.com\/resources\/cyberglossary\/ransomware-statistics?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Ransomware Statistics 2025<\/span><\/a><span data-contrast=\"auto\">,\u201d 2025.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">The SSL Store, \u201c<\/span><a href=\"https:\/\/www.thesslstore.com\/blog\/business-email-compromise-statistics\/?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Business Email Compromise Statistics<\/span><\/a><span data-contrast=\"auto\">,\u201d March 2024.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Hoxhunt, \u201c<\/span><a href=\"https:\/\/hoxhunt.com\/blog\/business-email-compromise-statistics?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Business Email Compromise Statistics 2025<\/span><\/a><span data-contrast=\"auto\">,\u201d March 2025.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">LastPass, \u201c<\/span><a href=\"https:\/\/blog.lastpass.com\/posts\/business-email-compromise?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Protect against business email compromise in 2025<\/span><\/a><span data-contrast=\"auto\">,\u201d May 2025.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Palo Alto Networks Unit 42, \u201c<\/span><a href=\"https:\/\/unit42.paloaltonetworks.com\/2025-ransomware-extortion-trends\/?utm_campaign=sm_mits&amp;utm_source=linkedin&amp;utm_medium=100000004&amp;utm_content=newagecyberthreats\"><span data-contrast=\"none\">Extortion and Ransomware Trends<\/span><\/a><span data-contrast=\"auto\">,\u201d April 2025.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>When you\u00a0log in to your computer on\u00a0a Monday\u00a0morning and\u00a0see that ransomware screen demanding payment,\u00a0you should realize that\u00a0the attack\u00a0didn\u2019t\u00a0start that weekend. As Net at Work CISO Michael Powell explains, \u201cTo stage an attack, it\u2019s not uncommon for a threat actor to have been in the environment up to 90 days.\u201d\u00a0 For\u00a0weeks or\u00a0months, threat actors\u00a0may\u00a0have been cataloging[\u2026] <a class=\"read-more\" href=\"https:\/\/www.cloudtango.net\/blog\/2025\/12\/08\/adapting-to-the-new-age-of-ai-powered-cyber-threats\/\">Read<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" enable-background=\"new 0 0 24 24\" height=\"16px\" viewBox=\"0 0 24 24\" width=\"16px\" fill=\"#091926\"><rect fill=\"none\" height=\"16\" width=\"16\"\/><path d=\"M14.29,5.71L14.29,5.71c-0.39,0.39-0.39,1.02,0,1.41L18.17,11H3c-0.55,0-1,0.45-1,1v0c0,0.55,0.45,1,1,1h15.18l-3.88,3.88 c-0.39,0.39-0.39,1.02,0,1.41l0,0c0.39,0.39,1.02,0.39,1.41,0l5.59-5.59c0.39-0.39,0.39-1.02,0-1.41L15.7,5.71 C15.32,5.32,14.68,5.32,14.29,5.71z\"\/><\/svg><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-959","post","type-post","status-publish","format-standard","hentry","category-cybersecurity"],"_links":{"self":[{"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/posts\/959","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/comments?post=959"}],"version-history":[{"count":1,"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/posts\/959\/revisions"}],"predecessor-version":[{"id":960,"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/posts\/959\/revisions\/960"}],"wp:attachment":[{"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/media?parent=959"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/categories?post=959"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cloudtango.net\/blog\/wp-json\/wp\/v2\/tags?post=959"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}