2024’s Cybersecurity and Claims Trends Decoded to Build Cyber Resilience in 2025
Understand the latest cybersecurity and claims trends to protect your business from digital and cyber risks.
Cybercrime surged at an alarming pace in 2024, leaving businesses and individuals grappling with rising costs and mounting cyber risks. Today, a cyberattack happens every 39 seconds.
By year’s end, cybercrime will cost the world US$9.5 trillion annually – a number that’s predicted to climb to $10.5 trillion annually in 2025.
The third quarter of 2024 alone marked a record 75% increase in cyberattacks on organizations worldwide compared to the same period last year, with an average of 1,876 cyberattacks per organization recorded.
“The sheer volume and intensity of cyber threats show just how fast cybercriminals are adapting – and why it’s more important than ever to step up your defences and prepare for what’s next,” says Jack Brooks, Head of BOXX Insurance Hackbusters and vCISO.
Global claims and BOXX’s cyber intelligence data for 2024 reflect the worldwide spike in cyberattacks, Brooks adds. “We look at claims data and cybersecurity trends not only to stay ahead of emerging threats but also to empower our business clients with actionable insights to predict, prepare, and insure against the evolving cyber landscape,” he says.
Top Cyber Claims Trends in 2024
1. Financial Crime: The Most Prevalent Type of Cybercrime
According to BOXX’s 2024 claims data intelligence, financial crime remained the most prevalent type of cybercrime, echoing global and industry trends.
There are many ways for cybercriminals to orchestrate financial crime schemes, and business email compromise (BEC) is a popular tactic. The FBI reported BEC scams caused over $2.9 billion in losses in 2023, and this threat only grew more sophisticated in 2024.
In a BEC scam, fraudsters use publicly available information to target executives, finance staff, HR managers and even new hires. Posing as someone trustworthy, they trick victims into paying fake invoices or sharing sensitive information like passwords, Brooks explains. AI makes this even easier and harder to detect – criminals can use machine learning to identify the best targets and create convincing, personalized emails.
“BEC attacks often leverage data from other breaches, such as stolen Multi-Factor Authentication (MFA) tokens, to hijack online accounts, spread malware, or steal funds,” Brooks explains.
Criminals will also leverage email spoofing, a tactic that uses a fraudulent domain that is similar to a company’s domain. Using the fake email address and social engineering tactics, the cybercriminals can trick busy staff into taking actions that they can exploit, such as information gathering and payment detail modification.
“Financial crime attacks driven by BEC remain one of the easier types of cybercrimes to prevent with simple validation protocols like email sender verification, staff education, email filters and the implementation of robust MFA,” Brooks says.
2. Social Engineering: Increasingly Targeting Clients
Social engineering attempts, in particular those targeting clients of companies, remained one of the fastest-growing threats in 2024, accounting for 60% of all Financial Crime and Fraud cyber incidents, BOXX cyber intelligence data shows.
“The spike in Client Social Engineering (CSE) attacks highlights how cybercriminals are increasingly exploiting business relationships, tricking clients of a trusted company into transferring money or divulging sensitive information,” Brooks explains.
Common methods in CSE attempts include sending fake invoices with “updated” (fraudulent) payment information and urgent requests to “verify your account details.”
Successful social engineering attacks, including tactics like phishing, smishing and spear phishing, trick people into clicking on malicious links, sharing passwords or downloading malware – and can lead to data breaches, financial losses and reputational harm.
Globally by Q2 2024, more than 90% of all cyber threats involved social engineering. Small businesses remain especially vulnerable – companies with fewer than 100 employees receive 350% more social engineering attacks than larger enterprises.
“The data reflects how cybercriminals are prioritizing social engineering tactics, because they are ‘low-effort, high-reward’ – meaning they’re easy to execute and yield high returns. With the increased sophistication of AI, these attacks are scalable, highly convincing and much harder to spot,” Brooks explains.
“It’s more important than ever for businesses and individuals to strengthen cybersecurity measures like MFA, validate client communication and respond swiftly when things go wrong. We’ve seen clients recover funds faster when they contact their banks immediately.”
3. Ransomware: Persistent and Evolving
According to Sophos’ annual State of Ransomware 2024, the average ransom payment increased 500% over the last year. Despite a slight reduction in the rate of ransomware attacks in 2024 (59% compared to 66% last year), organizations that paid a ransom forked out an average $2 million this year compared to $400,000 in 2023.
In Q3 2024, North America accounted for almost 60% of all ransomware incidents reported worldwide, reports Check Point.
Ransomware attacks are the most costly cyberattacks, often resulting in significant business disruption or even business closures due to financial or reputational damage. Yet only 66% of Canadian companies have a plan to address potential ransomware attacks.
“Emerging trends we’ve seen include criminals making more frequent, smaller ransom demands, aimed at targeting a larger number of businesses. And often, ransomware is being deployed as a secondary step after data theft,” Brooks says.
Sophos data showed exploited vulnerabilities were the most common root cause of ransomware attacks in 2024, followed by compromised credentials and malicious emails. The majority (84%) of organizations hit by ransomware this past year said cybercriminals tried to compromise their backups – almost 60% of these attempts were successful.
“Vulnerabilities like outdated software, unpatched systems and poor cloud security leave businesses vulnerable to ransomware and data theft,” Brooks adds, emphasizing the need to prioritize Endpoint Detection and Response (EDR) solutions and robust backups to mitigate these risks.
What to Expect in 2025
Looking ahead to next year, cybercriminals will double down on the tactics that worked in 2024, particularly financial fraud and social engineering scams.
Why are these trends likely to persist?
- Easy to execute: social engineering remains the go-to scam, requiring minimal effort while becoming harder to detect thanks to AI.
- Exploit weak defences: Poorly protected businesses and individuals continue to offer high returns for cybercriminals.
- Leverage AI automation: Generative AI tools will amplify the scale and sophistication of attacks, making them faster and more effective.
- Expanding opportunities: The growing reliance on digital payments and shared personal data creates an ever-larger target for scammers.
Decrease Cyber Risks to Protect Businesses and Individuals in 2025
According to KPMG’s latest survey, almost 72% of Canadian SMEs experienced a cyberattack in 2024 (up 10% from last year), and 67% say they paid a ransom – but over 70% of companies still don’t take a strategic approach to managing risks, instead treating cybersecurity as a tick-box in staff training.
The stakes are higher than ever, and staying ahead means businesses and individuals alike need to step up their cybersecurity defences and insurance to protect themselves in 2025.
For Business Leaders and Owners
- Multi-Factor Authentication (MFA): Stay ahead of token theft by moving beyond traditional MFA methods like SMS-based codes. “App-based or phishing-resistant MFA adds an extra layer of protection, making it much harder for attackers to gain access even if credentials are compromised,” Brooks advises.
- Endpoint Detection and Response (EDR): “This provides 24/7 monitoring to detect and respond to threats early, ensuring you’re protected even when your IT team is off the clock,” Brooks explains. Managed EDR solutions pair advanced technology with human expertise, making them a must-have for small businesses.
- Backup, Backup, Backup: Having multiple, secure backups is critical, including offsite storage separate from your main network. Regularly test your backups to ensure they work when you need them most.
- Secure Your Cloud Solutions: Most people believe that their cloud solutions are secure and safe. While some basic security is turned on, all cloud environments would benefit from additional security configurations.
- Cybersecurity Training: Create a culture of vigilance through regular, bite-sized employee training. Brooks recommends monthly phishing simulations and short training sessions that will help employees recognize threats and reduce mistakes.
- Comprehensive Solution: With cyberattacks evolving faster in 2025, consider a solution that combines robust insurance coverage with cybersecurity services for small businesses, which helps ensure not only that you’re protected against cyber threats, but also that you get expert help to predict and prevent them before they happen.
For Employees
- Strengthen Cybersecurity Measures: Use simple yet effective steps such as enabling MFA, using strong passwords and VPNs for secure browsing.
- Participate in online training and follow internal protocols:
- Learn to Spot and Stop Scams: Understanding how to spot phishing emails and what to do when you get hacked is key. Explore BOXX’s many resources and tips to keep safe online.
The Cost of Prevention vs. Recovery
Excluding ransoms, businesses had to pay an average $2.73 million in 2024 on recovery costs – an increase of almost $1 million since the $1.82 million that Sophos reported in 2023.
According to Statistics Canada data released in October, Canadian businesses collectively spent $1.2 billion on recovery from cybersecurity incidents last year – that’s double the amount it cost them in 2021. Yet only 56% of businesses spend on prevention and detection.
In the US, the cost of a single cybercrime incident is $27.37 million, which includes expenses related to data recovery, legal fees, regulatory fines, and reputational damage.
“At the end of the day, prevention is far cheaper than recovery,” says Brooks. Cyberattacks can cripple a business – and over 65% never recover.
“Calling an expert as soon as you suspect a breach always leads to a better outcome versus trying to address it yourself.”
BOXX Hackbusters™ provides 24/7 support and monitoring to neutralize threats before they cause harm. Their proactive approach has prevented over 80% of incidents without requiring a claim.
Reflect, Learn, Act
2024’s cybersecurity challenges underscored one thing: the threat landscape isn’t just evolving – it’s escalating.
With 2025 around the corner, now is the time to take action. Assess your defences, learn from the past year’s trends, and strengthen your protection to stay ahead of the next wave of threats.
Your cybersecurity strategy for 2025 starts today.