The 2025 InsurSec Report: All Claims Edition

The average ransom demand was $957K, and the average ransom paid was $317K. This means the price was often negotiated down by more than half.

4 of 5 (83%) financial fraud claims began with email.

Ransomware attacks increased by nearly 20% in 2024.

Mid-sized companies generating $25-100M in revenue saw a 46% increase in ransomware attacks.

The blast radius of ransomware continues to grow as businesses impacted by attacks on vendors and partners increased 43%.

The average cost of third-party ransomware incidents jumped by 72% to $241K.

VPNs alone accounted for two-thirds (66%) of all ransomware attacks.

Close to 50 ransomware groups were implicated in attacks in 2024, a 3X increase from 2021.

The vast majority of ransomware started with an attack on a remote access tool, contributing to 80% of attacks.

Remote access tools like VPNs and RDP were correlated with 80% of ransomware attacks in 2024, up from 63% the year prior.

The frequency of ransomware attacks in 2024 increased by 19% vs. 2023.

Severity of ransomware attacks was up 13% in 2024.

Overall claims frequency increased by 16% in 2024.

Only 31% of ransoms were paid by At-Bay customers in 2024. This totaled $146M in unpaid ransoms.

Supply chain-driven cyber claims were up 43%.

Financial fraud remained the most common incident type, accounting for 32% of all claims.

Email was the preferred entry vector for cybercriminals, driving 43% of claims.