At-Bay, a cyber insurance and security firm known for its integrated “InsurSec” approach, has released its 2025 InsurSec Report, revealing significant shifts in the cyber threat landscape.
Drawing on data from its own claims portfolio, the report highlights a resurgence in ransomware activity in 2024, with remote access tools—particularly VPNs—serving as the entry point in four out of five attacks.
Ransomware incidents rose by 19% last year, reaching levels not seen since 2021. The financial toll of these attacks also increased, with severity up 13%. Companies earning between $25 million and $100 million in annual revenue were hit especially hard, experiencing a 46% rise in ransomware claims.
A growing concern identified in the report is the ripple effect of supply chain breaches. Businesses affected by attacks targeting their vendors or partners jumped by 43%, with the average cost of such third-party incidents soaring by 72% to $241,000. According to At-Bay, the complex web of digital interdependencies has broadened the reach—and the damage—of ransomware attacks.
Nearly 50 ransomware groups were linked to attacks in 2024, marking a threefold increase from 2021. This proliferation of threat actors has led to greater unpredictability in ransom demands and reduced consistency in negotiation outcomes.
Remote access vulnerabilities were a primary focus in the report. VPNs alone were responsible for two-thirds of all ransomware breaches. These tools, often overlooked in day-to-day operations, have become a critical weak spot in corporate security systems.
The rise in ransomware mirrored an overall increase in cyber insurance claims. Claim frequency rose by 16% across all business sizes, though larger companies saw the steepest climb. While general claim severity dropped by 5%, ransomware-related losses continued to grow.
Email-based attacks remain a persistent threat, driving 43% of all claims. Financial fraud was the most common incident type in 2024, accounting for 32% of all claims—83% of which began with a malicious email.
Despite the surge in attacks, most At-Bay clients chose not to pay ransoms. Only 31% of policyholders opted to settle, leaving $146 million in ransom demands unpaid. In cases where payments were made, At-Bay successfully negotiated the average demand—initially $957,000—down to $317,000. The company also helped recover $49 million in stolen funds related to fraud cases.
The 2025 InsurSec Report underscores the evolving complexity of cyber risk but also points to the value of strong security-insurance partnerships. As the threat landscape continues to shift, At-Bay’s findings offer both a warning and a roadmap for businesses looking to strengthen their digital resilience.
“Remote access tools like VPNs and RDP continue to attract a high level of attention from cybercriminals. In 2024, they were correlated with 80% of ransomware attacks, up from 63% the year prior,” commented Adam Tyra, Chief Information Security Officer for Customers at At-Bay.
“VPNs alone were a factor in 2 of 3 ransomware incidents. This problem isn’t going away for mid-market businesses. They need to upgrade to safer alternatives or consider getting support with patching and configuration management to lower their risk from operating these tools.”
The post Remote access behind 80% of ransomware attacks, At-Bay reports appeared first on ReinsuranceNe.ws.
+ There are no comments
Add yours