Ransomware Losses Climb as AI Pushes Phishing to New Heights

Based on real-world insurance claims, Resilience’s midyear report shows vendor risk is declining but costly, ransomware is evolving with triple extortion, and social engineering attacks are accelerating through AI.

Ransomware remains the primary digital threat to business. Phishing, often the initial point of failure, further expands into voice triggered transfer fraud.

An analysis of risk based on cyberinsurance claims history provides an accurate overview of the true risk of cybercrime. It doesn’t provide a full global picture of risk since it can only be drawn from known cyberinsurance claims. Resilience is a cyberinsurance provider with a deep knowledge of cybersecurity.

There are three major takeaways from the 2025 Midyear Cyber Risk Report produced by Resilience: vendor-related risk is down but still significant; ransomware remains the main threat; and phishing has leapt to clear prominence as the most common point of failure (aided in scale and sophistication by AI ...