A new report indicates that states with advanced digitalization are facing a heightened risk of cyberattacks. This counter-intuitive trend reveals that wealthier, more digitally integrated states are becoming prime targets for cybercriminals.

Cyberattacks are becoming increasingly inevitable in today's digitized world. Threat actors are exploiting remote access vulnerabilities and unpatched VPNs, often using manual ransomware deployment after detailed network reconnaissance.

The rise in cyber risk is attributed to several factors. As states become more reliant on digital infrastructure, the potential attack surface expands, offering more entry points for malicious actors. Simultaneously, the increasing sophistication of cyberattacks, including AI-powered malware and deepfake-enabled social engineering, poses a significant challenge. Cyber warfare tactics employed by nation-states, such as disinformation campaigns and disruptive malware, further exacerbate the threat.

Small and rural communities are disproportionately vulnerable due to limited resources. Many local governments lack the budget for cyber priorities, making it difficult for them to recover from attacks. Nation-state hackers are not just probing Washington, D.C., they continue to target city halls, water plants, and school districts across the U.S., often on the smallest of budgets.

The Multi-State Information Sharing and Analysis Center (MS-ISAC) blocked tens of thousands of attacks last year. In 2024 alone, MS-ISAC detected more than 43,000 potential cyber attacks, blocked more than 59,000 malware and ransomware incidents, prevented 25 billion connections to malicious sites, and stopped 5.4 million harmful emails.

The cyber insurance market is evolving in response to these threats. While 2024 saw a 61% increase in cyber claims notifications, 2025 is on track for a slight decline. Non-malicious incidents, such as software errors or outages, now account for 20% of all claims in Europe. Digital supply chain attacks have also become a leading cause of cyber claims notifications. SMEs remain disproportionately affected due to lower cybersecurity maturity.

Despite these threats, the cyber insurance market has become more buyer-friendly. Premiums are down by 12% on average across Europe.

Organizations are encouraged to invest in proactive cybersecurity strategies, including AI and machine learning tools to address talent gaps. Businesses across Asia Pacific (55%) and globally (53%) are responding by making AI and machine learning tools their top priority for addressing talent gaps. Deepfake-enabled social engineering is another emerging threat, cited by 53% in Asia Pacific and 48% worldwide.