Just five groups are responsible for the bulk of ransomware attacks. (Credit: Pungu x /Adobe Stock)
Cyber claims are rising but ransomware severity is dropping, according to a new cyber report from Cowbell.
The U.S. cyber insurance market saw a record-setting 33,561 claims in 2024, according to NAIC. The report found those claims often fall into three buckets: cybercrime (30%), data breach (34%) and extortion, or ransomware, event (19%).
While ransomware generates a lot of concern, Cowbell’s analysts found claims for those events have held steady over the last several years, averaging between 17% and 19%. Average ransom payments have also declined by about 20% over the last two years, as incident response and negotiation efforts improve.
The attacks continue to threaten organizations, though, and just five groups based in Eastern Europe and Northern Asia are responsible for the bulk (48%) of the attacks.
While ransomware attacks exploit basic IT gaps, like unpatched systems or misconfigured email accounts, the report found that phishing continues to be the primary entry point for most cyber criminals. In 2024, the FBI recorded 193,000 phishing complaints.
The report also found that breaches are most likely to occur on Fridays before long weekends, allowing attackers to hit organizations when they’re least prepared.
Industries most at risk are professional services, education, healthcare, construction and manufacturing. These are all industries that handle sensitive data and rely on operational continuity, making them prime targets for data breaches, extortion and disruption.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.