“Ransomware attacks set for 40% rise by 2026” warns QBE

In addition, the UK has experienced 49 significant cyber incidents over the past two years, making up 10% of the global total (ie 447).

Compiled by Control Risks, QBE’s cyber report (entitled Cloud Cover: Forecasting Digital Disruption in a Cyber Crime Climate) explains how cyber criminals are exploiting Artificial Intelligence (AI) and cloud vulnerabilities in order to access sensitive data and disrupt systems.

It also shows that Government and administrative systems were the most targeted sector globally between August 2023 and August this year, accounting for 19% of all incidents. IT and telecommunications follow at 18%, while manufacturing, logistics and transport sectors together represent 13%.

Successful cyber attacks, namely ransomware attacks, can cause financial losses, reputational damage and litigation for the businesses targeted, as well as for their customer and third party suppliers.

QBE is now urging companies to strengthen protective measures in order to match the evolving threat landscape.

Concern for companies 

David Warr, cyber portfolio manager at QBE, explained: “As British businesses expand their use of cloud infrastructure and AI tools, they’re also reshaping their risk landscape. The challenge is not just about preparing for the future, but catching up with exposures that have evolved at speed.”

Warr continued: “The supply chain threat causes concern for companies. While outsourcing certain parts of your business can create efficiencies and cost savings, there are security considerations to bear in mind. Each outsourced provider that connects into your company creates an additional layer of risk, not only in terms of potential malware transmission, but also when it comes to critical dependencies. Each third party connection creates new risk. A single point of failure can halt business operations altogether.”

The QBE report shows how businesses’ quick adoption of AI and cloud platforms increases digital vulnerabilities. While these technologies boost efficiency, they also enable cyber criminals to launch ransomware, phishing and fraud campaigns with greater speed and precision. In 2024, deepfakes were implicated in nearly 10% of successful cyber attacks.

This year, the volume of data stored worldwide is projected to reach 200 zettabytes (200 trillion gigabytes) across IT and utility infrastructures, Data Centres, personal and connected devices. Half of this data will be stored in the cloud (that’s up from only 10% in 2015). This concentration of valuable data makes cloud providers and storage services appealing to attackers.

Throughout 2024, high-severity cloud alerts increased by 235% compared with the previous year, reflecting both the surge in adoption and the increasing capability of the attackers.

Cloud platforms are now a prime entry point. Business e-mail compromise attacks exploiting Microsoft 365 and other services bypass traditional security checks and are harder to detect.

Supply chain vulnerabilities are also increasing: a breach at single sign-on provider Okta in 2023 exposed 134 business clients.

Generative AI

Generative AI is reshaping the cyber threat environment as its usage is expected to surge in Europe and North America over the next five years.

ChatGPT has 755 million users (their number increased by 33% between December 2024 and February 2025). Microsoft Copilot now has 88 million active users. 78% of organisations now deploy AI in at least one business function. That’s up from 55% last year.

Businesses use Generative AI to gain productivity, but cyber criminals use the same technology for fraud and extortion. Threats have manifested in automated phishing attacks, identity fraud and deepfake scams.

Generative AI enables hackers to act with greater speed and precision, but it also lowers the technical barriers for entry-level cyber criminals, for instance by assisting them in script development and malware coding.

Businesses will likely face a rise in attacks from groups previously dismissed as being too technically incompetent or resource-poor. This may result in operational downtime, financial loss or reputational damage.

Key findings

Key findings from the QBE report include the following:

*Ransomware incidents almost tripled year-on-year: 1,537 in Q1 2025, up from 572 in Q1 2024

*High-severity cloud alerts surged by 235% in 2024 compared to 2023, reflecting rapid cloud adoption and attacker sophistication

*Nearly half of corporate data stored in the cloud is classified as ‘sensitive’, making it a prime target for ransomware

*Global data volume to reach 200 zettabytes by 2025, with half stored in the cloud (versus 43% in 2024 and 15% in 2020)

*Deepfakes implicated in nearly 10% of successful cyber attacks in 2024

*Ransomware extortion cases publicly disclosed increased by 54% in January-April 2025 compared with the same period in 2024

*ChatGPT adoption soared to 755 million users in early 2025, up 33% between December 2024 and February 2025, with Microsoft Copilot reaching 88 million users

*78% of organisations now deploy AI in at least one business function in 2025, which is up from 55% in 2024

*20%-40% of employees actively use AI in their daily roles (particularly so when it comes to programming)

*CrowdStrike outage in 2024 impacted 8.5 million Windows devices

Combating the threat

In order to combat the growing cyber threat, QBE recommends that today’s businesses adopt the following measures:

*Map and assess risk profiles to identify critical assets, threats and vulnerabilities and gauge a clear overview of exposure to the business

*Define acceptable organisational risk such that leadership can explicitly set boundaries for risk and exposure to data

*Prioritise mitigation strategies in order to direct resources towards the areas of greatest impact

*Plan for worst case scenarios with tested contingency plans and recovery protocols

*Regularly stress test crisis management to evaluate decision-making, communication and response

*Incorporate third party expertise into your cyber security strategy to help manage residual and emerging risks

*Continuously monitor and adapt cyber defences in order to stay ahead of evolving threats, new technology and changing business needs

Cloud and AI tools

Cloud and AI tools are giving attackers more entry points and opportunities. Businesses need a robust strategy to anticipate and withstand cyber incidents, particularly so those arising from third party services and cloud environments. Building resilience means embedding cyber risk management into technology lifecycles from the outset and includes implementing strong identity and access management protocols, running regular configuration audits and encrypting sensitive data across all cloud environments.

Also, continuous monitoring, threat intelligence and Incident Response Plans help to detect and contain threats before they escalate. Further, businesses should evaluate the security posture of their third party providers and establish clear protocols for managing supply chain exposure.

These practices will enable UK businesses to make the most of Generative AI and cloud storage, while in parallel protecting their operations, preserving continuity and maintaining trust.

*The full report, compiled by Control Risks, is available on the QBE website