Ransomware still the top cyber risk for businesses, but new threats emerge
Around the world, the frequency of ransomware attacks remains high, as do related claims costs.
Ransomware remains a top cyber risk for organisations globally, while business email compromise incidents are on the rise and will increase further in the ‘deep fake’ era.
According to a new report from Allianz Global Corporate and Specialty (AGCS) the war in Ukraine and wider geopolitical tensions are a major concern as hostilities could spill over into cyberspace and cause targeted attacks against companies, infrastructure or supply chains.
Also read: Importance of transacting safely online and avoiding card fraud over the holidays
The insurer’s annual review of the cyber risk landscape also highlights the emerging threats posed by the growing reliance on cloud services. This is an evolving third-party liability landscape that means higher compensation and penalties, as well as the impact of a shortage of cybersecurity professionals.
Such potential vulnerabilities mean that a company’s cyber security resilience is scrutinised by more parties than ever before. This includes global investors, meaning many firms now rank it as their major environmental, social and governance (ESG) risk concern, the report notes.
“The cyber risk landscape doesn’t allow for any resting on laurels. Ransomware and phishing scams are as active as ever. On top of that there is the prospect of a hybrid cyber war,” says Scott Sayce, global head of cyber at AGCS and group head of the Cyber Centre of Competence.
“Most companies will not be able to evade a cyber threat. However, organisations with good cyber maturity are better equipped to deal with incidents. Even when they are attacked, losses are less severe due to established identification and response mechanisms.
Also read: Fraudsters are taking advantage of the vulnerable
“Although we see good progress, our experience also shows that many companies still need to strengthen their cyber controls. It must be particularly strengthened around IT security training, better network segmentation for critical environments and cyber incident response plans and security governance.
“As a cyber insurer, we are willing to go beyond pure risk transfer, helping clients to adapt to a changing risk landscape and raising their protection levels.”
Around the world, the frequency of ransomware attacks remains high, as do related claims costs.
There was a record 623 million attacks in 2021, double that of 2020.
Although frequency reduced by 23% globally during the first half of 2022, the year-to-date total still exceeds that of the full years of 2017, 2018 and 2019, while Europe saw attacks surge over this period.
Ransomware is forecast to cause $30b (R517 415 100 000) in damages to organisations globally by 2023.
From an AGCS perspective, the value of ransomware claims the company was involved in together with other insurers, accounted for over 50% of all cyber claims costs during 2020 and 2021.
Double and triple extortion is now the norm
“The cost of ransomware attacks has increased as criminals have targeted larger companies, critical infrastructure and supply chains. Criminals have honed their tactics to extort more money,” Sayce explained.
“Double and triple extortion attacks are now the norm – besides the encryption of systems, sensitive data is increasingly stolen and used as leverage for extortion demands to business partners, suppliers or customers.”
Ransomware severity is likely to remain a key threat for businesses, fueled by the growing sophistication of gangs and rising inflation, reflected in the increased cost of IT and cyber security specialists.
Increasingly, smaller and mid-sized companies often lack the controls and resources to invest in cyber security and are targeted by gangs as larger businesses invest more heavily in security.
Gangs are also using a wide range of harassment techniques, tailoring their ransom demands to specific companies and using expert negotiators to maximize returns.
Sophisticated scams
Business email compromise (BEC) attacks continue to rise. This is facilitated by growing digitalisation and availability of data the shift to remote working and ‘deep fake’ technology and virtual conferencing.
BEC scams totalled $43b (R741 628 310 000) globally from 2016 to 2021 according to the FBI, with a 65% spike in scams between July 2019 and December 2021 alone.
Attacks are becoming more sophisticated and targeted with criminals using virtual meeting platforms to trick employees to transfer funds or share sensitive information. Increasingly, these attacks are enabled by artificial intelligence enabling ‘deep fake ‘audio or videos that mimic senior executives.
Last year, a bank employee from the United Arab Emirates made a $35m (R604 792 790) transfer after being misled by the cloned voice of a company director.
The threat of cyber war
The war in Ukraine and wider geopolitical tensions are major factors reshaping the cyber threat landscape. It increases the risk of espionage, sabotage and destructive cyberattacks against companies with ties to Russia and Ukraine, as well as allies and those in neighbouring countries.
State-sponsored cyber acts could potentially target critical infrastructure, supply chains or corporations.
“As yet, the war between Russia and Ukraine has not led to a notable uptick in cyber insurance claims. However, it does point to a potentially increased risk from nation-states,” Sayce explained.
Although acts of war are typically excluded from traditional insurance products, the risk of a hybrid cyber war has accelerated efforts in the insurance market to address the issue of war and state-sponsored cyber attacks in wording and provide clarity of cover for customers.
