The 2025 Midyear Cyber Risk Report by Resilience highlights a significant shift in cyber threats, emphasizing vendor-related risks, evolving ransomware tactics, and the growing impact of AI-driven social engineering. Key findings include a 53% drop in claims frequency in early 2025, a 17% increase in ransomware severity, and the emergence of groups like Scattered Spider exploiting cloud platform misconfigurations. #ScatteredSpider #ChaosRansomware #Medusa #Akira #Interlock
Keypoints
- Annual cybersecurity reports typically contain an Executive Summary, Claims Trends, Cause of Loss, Point of Failure, Threat Actor Profiles, Industry Focus, Case Studies, and Appendices with methodology and definitions.
- Executive Summaries introduce key risk themes, such as third-party risks and evolving attack methods, and provide an outlook for near-term developments.
- Claims Trends provide comparative incident frequency and severity statistics, noting changes in cyber insurance claims over time.
- Cause of Loss sections categorize cyber incidents by type, with ransomware remaining the dominant cause, responsible for the majority of incurred losses and increasing in severity.
- Point of Failure analyses identify the initial vulnerabilities exploited, highlighting that social engineering and transfer fraud are major attack vectors.
- Ransomware gangs such as Medusa, Akira, Interlock, and Chaos are profiled, showing shifts in platforms, tactics like double extortion, and sector targeting.
- Vendor-related incidents have grown significantly, accounting for over a third of claims notices and substantial business interruption losses, stressing the importance of continuous vendor risk management.
- AI-driven social engineering attacks, including sophisticated phishing with high success rates and browser-based credential harvesting, are emerging threats exacerbating losses.
- Industry-specific impacts show healthcare, manufacturing, and retail sectors facing unique challenges, including high ransom demands and supply chain disruptions from groups like Scattered Spider.
- Case studies demonstrate effective loss control through strategic negotiation and rapid response, showcasing the value of the Resilience Risk Operations Centerβs proactive approach.
- Recommendations emphasize avoiding ransom payments for data suppression, securing cyber insurance policies rigorously, and enhancing defense-in-depth strategies including backups and privileged access management.
- Recurring themes include the increasing complexity and interconnectedness of cyber risks, the rise of double extortion ransomware tactics, the persistence of human factors as vulnerabilities, and the critical need for comprehensive, intelligence-led resilience measures.
Source: Awesome Annual Security Reports - The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. (https://github.com/jacobdjwilson/awesome-annual-security-reports/)