Ransomware costs jump 17 percent though insurance claims fall
A new report from risk solutions company Resilience shows in the first half of 2025, the average cost of an individual ransomware attack rose by 17 percent, while the volume of incurred claims across Resilience's portfolio dropped by 53 percent, highlighting the persistent and destructive threat of financially motivated cybercrime.
Ransomware accounted for almost all (91 percent) of incurred losses, while financially motivated social engineering, especially via tailored attacks bolstered by AI-powered phishing content, fueled 88 percent.
“Financial incentives are driving cyber criminals to be more clever and creative, and companies are facing larger losses than ever before,” says Vishaal Hariprasad, co-founder and CEO of Resilience. “Cyber crime comes in waves. Attackers exploit a tactic until defenders catch up, then pivot to new weaknesses. Understanding the financial consequences of attacks and the most common points of failure is paramount to stopping that fallout at the root.”
Vendor-driven claims notifications fell 18 percent, however, vendor-related claims still accounted for 15 percent of incurred losses estimated so far this year. Healthcare, retail, and manufacturing remain the most targeted sectors, with manufacturing facing several ransomware incidents generating claims averaging over $1 million in severity, and healthcare experiencing extortion demands as high as $4 million.
While 78 percent of Resilience clients over all time have avoided paying a ransom, threat groups such as Interlock, Chaos, Medusa, Akira, and Nightspire were the primary drivers of attacks on the Resilience portfolio in the first half of 2025.
“Our latest research highlights encouraging progress in our portfolio: a deep drop in overall claims and fewer disruptive third-party incidents,” says Jeremy Gittler, global head of claims at Resilience. “While that’s certainly good news, we can’t let that distract from the increased attack intensity we’re witnessing. It’s that metric -- the dollars-and-cents of successful attacks -- that we must understand and leverage to better defend ourselves and build cyber resilience.”
You can find out more on the Resilience site.
Image credit: Benjawan Sittidech/Dreamstime.com