Just two tactics 'lead to half of cyber insurance claims'
More than half of cyber insurance claims in 2022 came from just two different types of threat – ransomware and fraudulent funds transfer (FFT) – according to insights published by cyber insurer Corvus Insurance.
FFT, which involves a bad actor tricking an organisation into transferring funds into an account they control, comprises 27% of all cyber claims processed by Corvus since 2019. According to the insurer, the increasing rate of FFT incidents demonstrates a continued susceptibility among insureds to business email compromise (BEC), where an attacker gains access to an email system usually through phishing scams, making it easier for them to get hold of funds fraudulently. As the world of work changes and hybrid working models are adopted permanently, email is the one key constant that attackers have access to.
Ransomware and third-party ransomware account for just over 23% of cyber claims received by Corvus. It says the proportion of ransomware incidents targeting US businesses declined at the start of the year, but the average cost of a claim is nearly three times higher. A typical FFT claim is worth US$90,000 compared to US$256,000 for ransomware.
Together, the two types of threat account for around 51% of all cyber insurance claims made to Corvus, demonstrating the need for businesses to be well-informed and vigilant about a small number of cyber threats.
Cyber attackers constantly shifting and adapting
“Global cybercrime is growing more complex by the day, presenting security leaders with new challenges,” says Corvus Insurance Chief Information Security Officer Jason Rebholz. “While ransomware continues to be a dominant risk, we are seeing tactics change, including the rise of other forms of extortion as well as funds transfer fraud. The findings from our report serve as a reminder to all security leaders that cybersecurity is fluid and attackers will shift their methods, even revisiting old tactics, so long as they continue to reap financial benefits.”
Corvus Insurance also noticed a rise in the use of data exfiltration, where bad actors gain access to the data a company holds – a tactic that can be used to gain leverage as part of a ransomware attack. Data exfiltration saw a 25% increase from the second half of 2021 to the first half of 2022, Corvus says. In fact, its use as a tactic appears to be at an all-time high: nearly 50% of ransomware claims made now involve data exfiltration, demonstrating that attackers are seeking to increase their chances of a ransom being paid.
Unlike other forms of attack, data exfiltration is not confined to an organisation’s internal computer system; it can lead to permanent reputational damage and leave a company liable to damages or compensation for customers whose data has been stolen.
‘Staying connected’ vital in fending off cyber threats
There had been fears that, with business rates rising and inflation causing corporate budgets to come under significant pressure, some businesses – particularly SMEs – would be forced to choose between cyber insurance and other day-to-day expenses. In June, market research company GlobalData warned that many smaller firms were being priced out of cyber insurance cover with nearly 30% reportedly cancelling their policy because of the cost.
But the latest figures from Corvus, which show both the prevalence and scale of cyber threats, show the continuing importance of staying protected. Nearly seven in 10 startups have experienced a cyber attack on their business, separate research this week has shown.
Jason Rebholz continues: “It’s vital that the cybersecurity and insurance industries stay connected to remain agile in the changing threat landscape. Rising instances of data exfiltration show that cybercriminals will respond quickly to thwart security professionals, and identify creative ways to increase leverage in ransom negotiations. Insurers have visibility into these changes, enabling us to take an informed, proactive approach with our brokers, policyholders, and partners. It’s Corvus’s responsibility as a leading insurtech to not only make our policyholders safer, but also to help empower the industry at large to make the world a safer place.”