2025 marked a turning point in cybersecurity—a historic moment in which the concept of ransomware + data exfiltration became inseparable, transforming the simple encryption of files into extortion based on stolen information.
According to a new Coveware report, the numbers are alarming: in Q2 2025, 74% of ransomware attacks now include data exfiltration, with average payments soaring to $1.13 million (+104%). Hackers no longer stop at encrypting files—they steal them first, turning every incident into a devastating double-extortion attack.
In the second quarter of the year, the average ransom payment jumped to $1.13 million (+104%), but the real headline is that 74% of incidents now involve data theft rather than encryption alone. In this critical scenario, where social engineering has become the primary attack vector, Certiblok emerges as an essential defensive barrier to certify and secure the communications and identities circulating through your corporate network.
Why has exfiltration overtaken encryption?
The shift in criminal tactics is driven by economic and psychological logic. Coveware’s Q2 2025 data shows that although the percentage of victims paying a ransom remains stable at 26%, the extortion model has radically changed. Attackers understand that companies can restore systems from backups, but they cannot undo the public release of trade secrets or customer data.
Bill Siegel, CEO of Coveware, describes this moment as a turning point where targeted social engineering and data theft become the norm. These are no longer blind attacks—they are surgical operations engineered to maximize profit by threatening the victim’s reputation. This evolution makes backups, while essential, no longer sufficient as a standalone defense strategy.
Who are the new players in cybercrime?
The old “Ransomware-as-a-Service” model is collapsing under internal conflicts and law-enforcement pressure, leaving behind a fragmented and dangerous landscape. Today we face three types of threats: lone operators, new aggressive groups such as Akira and Qilin, and gangs leveraging artificial intelligence to refine their traps.
Groups like Scattered Spider and Silent Ransom dominated 2025 using AI to automate communications and make social-engineering attacks almost indistinguishable from legitimate interactions. These criminals target people, help desks, and third-party providers, exploiting implicit trust in corporate communications. This is where the ransomware + data exfiltration attack cycle thrives, bypassing traditional technical defenses through human error and deception.
How can Certiblok effectively counter these threats?
Prevention in 2025 is no longer about firewalls alone—it is about identity validation and supply-chain security. Since compromised credentials and advanced phishing are the dominant vectors, Certiblok acts upstream, creating a trusted digital ecosystem. The platform verifies the identity of partners and the authenticity of communications, neutralizing social-engineering attempts before they escalate into ransomware with data exfiltration.
✅ Certiblok eliminates the risk at its root.
✅ Decentralized cloud across 26,000 nodes: impossible to intercept all fragments
✅ Client-side AES-256 encryption: only you hold the keys
✅ Zero-knowledge security: not even we can access your data
✅ Mathematical fragmentation: each file split into 80 parts; only 29 are needed for reconstruction
💡 The result? Your sensitive documents cannot be exfiltrated because they never exist in complete form in any single location.
While companies spend millions on ransom negotiators and recovery efforts, Certiblok makes your data mathematically impossible to steal.
Implementing Certiblok means adopting a real Zero Trust approach and managing documents, files, chats, and messages in a single secure environment that records every operation across your corporate relationship network. In an era where compromises often begin with a single deceptive email or an insecure supplier, it is the only guarantee to avoid becoming the next statistic in Coveware’s report.
The question is no longer if you will be attacked, but how you will protect your data when it happens.
Book your free demo today: we’ll show you how to strengthen confidentiality, speed up workflows, and increase control over your documents with a platform built for security and collaboration.
You can reach us at commerciale@certiblok.com or fill out the contact form to schedule a slot.
You can also explore all platform capabilities on the Certiblok features page, or browse practical examples and case studies on our official blog.
Certiblok STORAGE
Archivia i documenti in totale sicurezza con spazi di archiviazione per ogni esigenza in un cloud decentralizzato
Certiblok SHARING
Condividi e richiedi documenti in un click. Definisci permessi e scadenze per ogni documento.
Certiblok EDITING
Modifica online i documenti con i membri del tuo Team.
Certiblok AUDITING
Il controllo completo sulla gestione dei documenti per due diligence, ispezioni o specifici utilizzi.
Compila il form qui sotto per richiedere il Piano FREE o il Piano BUSINESS completo per 30 giorni
CERTIBLOK,
LA PIATTAFORMA DRM®
Document Relationship Management,
che rivoluziona il modo di gestire e condividere i documenti, anche quelli più riservati.
Semplifica il lavoro in team, gestisce le scadenze, ti collega con clienti, fornitori, consulenti ed enti ispettivi, garantendo la massima protezione del tuo patrimonio documentale attraverso il cloud decentralizzato e la tecnologia Blockchain.
Funzioni
Distributore per la Svizzera
Certificati ISO 27001
Membro di
