Ransomware Attacks Are Rising

By Claudio | April 7, 2025 |

 

 

Ransomware continues to be a major threat to businesses of all sizes. Recent reports from cyber insurance providers show a surge in cybercriminal activity—and experts are urging companies to ramp up their defenses.

These attacks usually start when a cybercriminal—often referred to as a “threat actor”—breaks into a company’s system, encrypts or steals sensitive data, and demands payment in exchange for not leaking it online. The trend has become increasingly alarming over the past five years.

According to a recent study from Travelers Cos. Inc., new ransomware groups are forming at a rapid pace, with a 67% increase last year alone. The fourth quarter of 2024 saw the highest ransomware leak site activity in over 15 months, with nearly 1,700 victim companies publicly posted.

A separate March 2025 report from Coalition Inc. predicts over 45,000 software vulnerabilities will be discovered this year. It also revealed that stolen credentials accounted for 47% of ransomware breaches, followed by software exploitation at 29%.

Ransomware attacks don’t always stop at the initial victim—sometimes, the damage spreads to partners, vendors, or customers.

“Brute force” attacks, where hackers guess passwords over and over until they find a match, are still common. One of the most effective defenses? Multifactor authentication (MFA)—but only when it’s implemented correctly in key parts of your system.

While powerful, these cybersecurity tools come with a price tag. Gwenn Cujdik from Axa XL notes that deploying MFA or advanced security controls can cost five or six figures—an expense many small and midsize businesses simply can’t afford.

But not all solutions require big budgets.

“Helping employees recognize phishing, writing clear tech-use policies, and implementing smart authentication processes don’t have to cost a lot,” said Cujdik.

She emphasized that the first step is acknowledging that cyber risk is real—and that every business, big or small, should consider cyber insurance.

Other tools like endpoint detection and response (EDR) can be powerful allies in the fight against ransomware. EDR monitors individual users or devices for suspicious activity and sends alerts when something looks off—helping to limit the blast radius of a breach.

Scanning your network regularly for unprotected areas is another simple but effective way to lower your risk.

Cyber threats are evolving fast, and ransomware is leading the charge. Whether you’re a small business or a large enterprise, the time to act is now. Invest in strong policies, educate your team, and consider cyber insurance as part of your risk management strategy.

Leave a Comment





This site uses Akismet to reduce spam. Learn how your comment data is processed.