Ransom Demands Spike 47%
Initial ransom demands in cyberattacks surged by 47%, according to Coalition's 2026 Cyber Claims Report. Despite the higher demands, the report finds that most businesses are refusing to pay, while business email compromise and funds transfer fraud remain the most common attack vectors.
Despite the spike in ransom demands, a record 86% of businesses refused to pay ransoms in 2025, relying instead on better backups and incident response plans. This aligns with official guidance from the FBI, which warns that paying a ransom doesn't guarantee data recovery and encourages further criminal activity.
Ransomware remains the most expensive type of cyber claim, with an average loss of $269,000 in 2025. However, the total cost of a data breach in the U.S. is far higher, hitting an average of $10.22 million last year, driven by regulatory fines and complex recovery processes.
The most frequent incidents are not ransomware, but rather Business Email Compromise (BEC) and Funds Transfer Fraud (FTF), which together accounted for 58% of all cyber claims in 2025. In fact, more than half of all funds transfer fraud incidents begin with a compromised email account. The frequency of BEC attacks specifically jumped by 15% in 2025, though the average loss per claim fell to $27,000. These attacks are increasingly sophisticated, with generative AI being used to craft highly convincing, personalized emails that are harder for employees to detect.
The threat landscape is also fragmenting. The number of new ransomware groups rose by 30% in the year to October 2025, largely due to the growth of Ransomware-as-a-Service (RaaS) platforms. These platforms enable even less-skilled actors to launch sophisticated attacks, expanding the overall threat.
Attackers are moving beyond simple data encryption. "Multi-extortion" tactics are becoming standard, where criminals not only lock up data but also steal it and threaten to leak it publicly, sometimes adding DDoS attacks to increase pressure on victims.
For startups, vulnerabilities often lie in their tech stack. Misconfigured cloud storage, overly permissive IAM policies, and exposed APIs are common entry points for attackers. Startups are considered attractive targets because their security programs may be less mature than those of larger enterprises.