Cyber insurance firm reported a modest decrease in ransomware attacks in 2024.
In the digital age, cybersecurity threats continue to pose significant challenges for businesses worldwide. The latest report from Coalition, one of the world's largest cyber insurers, sheds light on the current cyber risk landscape, offering valuable insights into the behavior of threat actors and effective strategies for avoiding a digital security crisis.
One of the key findings from the report is the dominance of ransomware as a cause of cyber insurance claims, particularly affecting small to mid-sized businesses. Small businesses with revenues under $25 million and between $25–100 million have seen substantial increases in ransomware attacks and related cyber claims. The report highlights an increasing ransomware severity and claims costs, with ransomware accounting for about 81% of claims involving recovery expenses.
While the top industries with the most ransomware claims are not explicitly listed in Coalition's 2025 Cyber Claims Report, it is clear from the broader context of Coalition's reports and cybersecurity trends that professional services, healthcare, manufacturing, and retail are often heavily targeted sectors.
Funds transfer fraud and business email compromise made up the majority (60%) of cyber claims submitted to Coalition. Companies that used Change Healthcare for transaction-processing filed claims with Coalition averaging $22,000, while customers of the car dealership vendor CDK Global filed claims averaging $63,000. However, the report did not provide information about the industries or claim amounts related to funds-transfer fraud incidents.
Third-party breaches accounted for more than half (52%) of all claims, with an average claim amount of $42,000. Interestingly, Coalition reported a decrease in ransomware claims filed by customers in 2024 compared to the previous year, but the report did not provide information about changes in the number of funds-transfer fraud or business email compromise claims compared to previous years.
Recovery of funds from funds-transfer fraud is more likely when policyholders report fraudulent transactions to Coalition quickly. In 2024, Coalition fully recovered money in 12% of funds-transfer fraud cases and partially recovered money in roughly a quarter of cases.
On a positive note, the average ransomware loss in the U.S. was slightly lower than the global average, according to Coalition's 2025 Cyber Claims Report. Moreover, the amount of insurance funds requested to cover ransomware attacks decreased 7% from 2023 to 2024.
Coalition's data offers a broad survey of the cyber risk landscape, providing insights into the strategies that businesses can employ to protect themselves from cyber threats. The report underscores the importance of promptly addressing cybersecurity vulnerabilities, as 614 businesses suffered ransomware attacks after failing to remediate cybersecurity vulnerabilities, with total losses of $307 million.
For precise industry-specific rankings from Coalition’s 2025 Cyber Claims Report, accessing the full report directly would provide the exact list of the top industries most impacted by ransomware claims. The energy industry filed claims for the largest amounts, but the report did not provide information about the industries or claim amounts related to funds-transfer fraud incidents.
In conclusion, the 2025 Cyber Claims Report from Coalition serves as a reminder of the ongoing threats posed by ransomware and funds-transfer fraud. Businesses, particularly small to mid-sized firms, are advised to prioritise cybersecurity measures and promptly address any vulnerabilities to minimise the risk of falling victim to these threats.
- Ransomware, a significant cybersecurity threat, is causing a surge in cyber insurance claims, particularly affecting small to mid-sized businesses, according to Coalition's 2025 Cyber Claims Report.
- The report also reveals that funds transfer fraud and business email compromise account for a majority of the cyber claims submitted to Coalition, with industries such as professional services, healthcare, manufacturing, and retail often targeted.
- In the digital age, it's crucial for businesses to prioritize cyber risk mitigation strategies, especially given that over half of all claims in the report involve third-party breaches, which can result in losses of up to $42,000 on average.
