The insurance industry saw an increase in ransomware attacks last year, intensified by law enforcement actions and lower barriers to entry for cyber criminals, as companies embrace digital innovations.
S-RM, a global cybersecurity and intelligence consultancy, published its 2025 Cyber Incidents Insights Report, highlighting key trends in the cyber threat landscape from the past 12 months. According to the report, ransomware remains the most frequent type of incident, accounting for more than one-third of cases handled by the company.
However, the growth rate of ransomware incidents showed signs of slowing, with malicious organisations listed on ransomware and data-theft leak sites increasing by 13%.
Threat actors usually gained access through vulnerabilities in public-facing systems, the report showed. The company noted a 53% rise in ransomware attacks on small businesses, which was likely driven by increased competition among groups expanding their target range.
The report also showed a 96% increase in distinct cyber threat actors last year, or about 53 new actors, from 27 actors in 2023. S-RM said this reflects a fragmented threat landscape, influenced by law enforcement efforts against established groups and easier access for new entrants.
Despite this increase, fewer organisations opted to pay ransoms. Since 2022, the proportion of incidents resulting in ransom payments has nearly halved, suggesting greater resilience among victims.
Jamie Smith, global managing director of cyber security at S-RM, noted that while the number of threat actors increased last year, about 39% of overall incidents reported were made by five groups, down from 53% a year earlier. This fragmentation, Smith said, was caused by the breakup of big ransomware groups and lower barriers to entry for new threat actors.
“The behaviour of these groups has been difficult to predict and their credibility even tougher to assess, but their motivations remain consistent; financial gain,” Smith commented.
However, action from the National Crime Agency and other law enforcement groups globally has had a positive impact, with major ransomware-as-a-service actors being taken down last year.
The digital risk landscape may not change for the better this year, however, as insurers continue to digitise their operations and increase their reliance on technology.
Joseph Parry, associate analyst at Control Risks, said that the increasing interconnectedness of digital services enhances efficiency but also creates new vulnerabilities that can be exploited by cybercriminals.
“By 2025, 90% of Fortune 500 companies will both provide and consumer digital services,” said Parry recently. “This growing interdependency between technologies will lead to an increasing number of systemic cyber incidents.” Parry expects high-profile companies will likely be targeted.
Geopolitical tensions are also expected to intensify digital risks.
“Driven by geopolitical volatility, 2025 could become the most tumultuous year the digital threat landscape has experienced yet,” Parry warned. “Aggressive cyber actors face less and less consequences for their actions while reaping ever greater tactical and strategic rewards in increasing their digital disruption efforts.”
