2025: Yep, Ransomware Still
1–29–2025 (Wednesday)
Hello, and welcome to The Intentional Brief - your weekly video update on the one big thing in cybersecurity for middle market companies, their investors, and executive teams.
I’m your host, Shay Colson, Managing Partner at Intentional Cybersecurity, and you can find us online at intentionalcyber.com.
Today is Wednesday, January 29, 2025, and we’re running at full speed already in 2025.
Unfortunately, we’re also still grappling with ransomware this year, and have some numbers in from the year past that might inform our view of the year ahead.
2025: Yep, Ransomware Still
First, by way of an update, TechCrunch is reporting that PowerSchool has begun notifying students and teachers who had their data stolen in the PowerSchool breach.
News outlet Bleeping Computer, citing multiple sources, reports that the hackers responsible for the PowerSchool breach allegedly accessed the personal data of more than 62 million students and 9.5 million teachers.
Toronto District School Board (TDSB), which last week confirmed that hackers had accessed close to 40 years’ worth of student data, is the worst-hit organization so far, with the data of almost 1.5 million students taken in the breach. In a letter to parents, seen by TechCrunch, TDSB confirmed the stolen data includes genders, grade information, medical data, and accommodation details.
PowerSchool wasn’t alone in last month’s breach, however. A report released last week by NCC Group noted that “the number of ransomware attacks seen at the end of the year is the highest of any month since it started tracking such activity in 2021.”
At the same time, security training company KnowBe4 reported that insurance claims and costs for cyber hit record levels in 2024.
“Severity of claims received for cybercrime had increased by 17% [in 2024]; by comparison, in 2023 severity had increased just 1%. Large cyber claims — those in excess of 1 million euros ($1.1 million) — were more frequent, increasing by 14% in the first six months of 2024. The U.S. accounted for 72% of large claims.”
Furthermore, “ransomware accounted for 58% of the value of large cyber claims in the first six months of 2024.”
Remember - the data here lags, and we know that December was the most active ransomware month ever, so we’re likely to see a continued rise here.
We’re also seeing attackers expand their attack surfaces - with an article in Infosecurity Magazine noting that Software-as-a-Service (SaaS) attacks are up 300% from September 2023 to September 2024.
Even more, the article notes “In 84% of incidents analyzed for the report, MFA failed to stop the attackers.”
I’m just as frustrated as you that we’re not only still here dealing with ransomware, but that we’re starting 2025 so far behind the ball - increased frequency, increased costs, and decreased effectiveness of our defenses.
At the risk of it sounding like things are hopeless, I’d encourage all of us to retrench on the basics. Ensure that we know where our data lives, that we manage the things we can manage (configurations, identity, permissions, and backups).
It’s going to be rough in 2025. The sooner we focus on building defensible, communicable security programs, the better chance we have. Let’s get to it.
Fundraising
From a fundraising perspective, back to more “regular” numbers, with more than $5.2B in newly committed capital, including SV Angel, Ron Conway’s VC firm best known for its seed bets, raised $330 million for its second growth fund and $40 million for its 10th seed fund.
As a reminder, alumni of that fund include OpenAI, Databricks, HippocraticAI, and Harvey out of that initial growth fund, with investments of between $5 million and $20 million. Pretty good return, one imagines. That’s why you get to raise another fund.
A reminder that you can find links to all the articles we covered below, find back issues of these videos and the written transcripts at intentionalcyber.com, and we’ll see you next week for another edition of the Intentional Brief.
Links
https://globalnews.ca/news/10972314/powerschool-data-breach-number-of-students-impacted/
https://www.securityweek.com/record-number-of-ransomware-attacks-in-december-2024/
https://www.knowbe4.com/hubfs/Insurance-Report-WhitePaper-2025-EN-US_F.pdf
https://www.infosecurity-magazine.com/news/saas-breaches-defenses-short/