Ransomware attacks are becoming an increasingly pressing concern for businesses of all sizes, with hackers not only targeting large corporations but also focusing on small and medium-sized enterprises (SMBs). These smaller organizations are particularly vulnerable due to their often less robust cybersecurity defenses. This shift is contributing to a significant rise in the cost of cyber insurance claims, a trend expected to continue in the foreseeable future.
According to the Allianz Cyber Security Resilience 2025 report, larger companies have made considerable improvements to their cybersecurity measures in recent years. As a result, cybercriminals are now turning their attention to the easier targets in the SMB sector. The report highlights that over 88% of ransomware breaches are now being recorded in small and medium-sized businesses, compared to just 39% in larger organizations.
Rising Costs of Ransomware Claims
The sophistication of ransomware attacks is one of the key factors driving the increasing cost of cyber insurance claims. In the first half of 2025 alone, over 60% of ransomware-related claims were reported to exceed €1 million. These numbers are steadily increasing, signaling that not only are attacks becoming more frequent, but the damage caused is escalating in both severity and financial impact.
One of the major shifts in recent ransomware campaigns is the increasing focus on data exfiltration. Hackers are no longer solely encrypting data and demanding ransom for its release; they are also stealing sensitive data before locking it down. This dual threat is creating more pressure on businesses, as they are forced to negotiate ransoms for both the return of their encrypted files and to prevent the stolen data from being leaked or sold. This complexity significantly raises the stakes of each attack, making it more difficult for companies to recover without meeting the hacker’s demands.
Hackers Becoming More Sophisticated
With advancements in artificial intelligence (AI) and automation, the sophistication of ransomware attacks is reaching new heights. Cybercriminals are now able to breach systems with greater ease, bypassing traditional defense mechanisms and gaining access to sensitive data with alarming speed. The financial rewards for these malicious actors are also growing, as businesses and institutions are more willing to pay large ransoms to mitigate the reputational and operational risks associated with data breaches.
One of the most notable hacking groups contributing to this trend is Scattered Spider, which has been linked to a growing number of attacks using phishing and vishing techniques. These methods allow hackers to deploy malicious software within 24 hours of gaining initial access. Phishing typically involves deceptive emails that trick employees into revealing login credentials, while vishing uses voice calls to manipulate victims into providing sensitive information. Both methods have proven highly effective, especially when targeting unsuspecting employees in sectors like retail, banking, and manufacturing.
Supply Chain Vulnerabilities and Rising Data Exfiltration
The increase in data exfiltration, coupled with the rise of supply chain attacks, is making certain sectors, such as retail, banking, and manufacturing, especially vulnerable. Hackers are now focusing not only on individual businesses but also on the broader supply chains that interconnect various sectors. By stealing large volumes of sensitive data, they can disrupt entire industries, causing far-reaching effects. These attacks are often highly coordinated and difficult to detect, complicating the efforts of security teams to respond quickly and effectively.
The complexity of these attacks means that organizations must be proactive in their cybersecurity efforts. It is no longer enough to merely react to breaches after they occur. Early preparedness, detection, and response are now considered the most effective strategies for mitigating the damage caused by ransomware attacks, according to Allianz’s analysis.
The Future of Cyber Insurance
Looking ahead, the cyber insurance market is set for significant growth. Allianz predicts that by 2030, the market will reach a staggering $30 billion, driven largely by the rise of connected devices and the Internet of Things (IoT). With the connected devices market expected to quadruple in size over the next five years, businesses will need to adapt their cybersecurity strategies to account for the increasing vulnerabilities posed by these interconnected systems. Cyber insurance will play a critical role in helping businesses recover from attacks, but as the costs of claims continue to rise, the industry will face new challenges in balancing coverage with risk management.
Join our LinkedIn group Information Security Community!
