Ransomware a top cyber-risk
Sophistication and frequency of business e-mail compromise attacks also increasing, says Allianz
Ransomware remains a top cyber-risk for organisations globally, while compromised business e-mail incidents are on the rise and will increase further in the “deepfake” era, according to a new report from Allianz Global Corporate & Specialty (AGCS).
At the same time, the war in Ukraine and wider geopolitical tensions are a major concern as hostilities could spill over into cyberspace and cause targeted attacks against companies, infrastructure or supply chains, the report said.
The global insurer’s annual review of the cyber-risk landscape also highlights the emerging threats posed by the growing reliance on cloud services, an evolving third-party liability landscape that means higher compensation and penalties, as well as the impact of a shortage of cybersecurity professionals.
Such potential vulnerabilities mean that a company’s cybersecurity resilience is today scrutinised by more parties than ever before, including global investors, and many firms now rank it as their major environmental, social and governance (ESG) risk concern, the report notes.
“The cyber-risk landscape doesn’t allow for any resting on laurels. Ransomware and phishing scams are as active as ever, and on top of that there is the prospect of a hybrid cyberwar,” said Scott Sayce, global head of cyber at AGCS and group head of the Cyber Centre of Competence.
“Most companies will not be able to evade a cyberthreat. However, it is clear that organisations with good cyber-maturity are better equipped to deal with incidents. Even when they are attacked, losses are typically less severe due to established identification and response mechanisms.”
Around the world, the frequency of ransomware attacks remains high, as do related claims costs. Allianz noted a record 623 million attacks in 2021, double that of 2020.
Although frequency reduced by 23% globally during the first half of 2022, the year-to-date total still exceeds that of the full years of 2017, 2018 and 2019, while Europe saw attacks surge during this period.
$30 BILLION IN DAMAGES
Ransomware is forecast to cause $30 billion in damages to organisations globally by 2023. The value of ransomware claims that Allianz was involved in, together with other insurers, accounted for well over 50% of all cyber claims costs during 2020 and 2021.
“The cost of ransomware attacks has increased as criminals have targeted larger companies, critical infrastructure and supply chains. Criminals have honed their tactics to extort more money,” said Mr Sayce.
“Double and triple extortion attacks are now the norm — besides the encryption of systems, sensitive data is increasingly stolen and used as leverage for extortion demands from business partners, suppliers or customers.”
Increasingly, smaller and mid-sized companies that often lack controls and resources to invest in cybersecurity are being targeted by gangs as larger businesses invest more heavily in security. Gangs are also using a wide range of harassment techniques, tailoring their ransom demands to specific companies and using expert negotiators to maximise returns.
Business e-mail compromise (BEC) attacks also continue to rise, facilitated by growing digitisation and availability of data, the shift to remote working and, increasingly, deepfake technology and virtual conferencing.
BEC scams totalled $43 billion globally from 2016 to 2021 according to the Federal Bureau of Investigation, with a 65% spike in scams between July 2019 and December 2021 alone.
Attacks are becoming more sophisticated and targeted, with criminals now using virtual meeting platforms to trick employees into transferring funds or sharing sensitive information, said Allianz.
Increasingly, these attacks rely on artificial intelligence to produce deepfake audio or videos that mimic senior executives. Last year, a bank employee from the United Arab Emirates made a $35-million transfer after being misled by the cloned voice of a company director, the report said.
RISK IN THE CLOUD
Another area of concern highlighted by Allianz is cloud outsourcing. Companies continue to shift their services and data storage onto the cloud, despite growing concerns about security and risk aggregation.
By relying on a small number of providers for cloud services or cybersecurity, society is creating large concentrations around a few single points of failure, the report said.
It is a common misconception that the outsourcing or cloud vendor will assume full responsibility in the event of an incident.
In response to a more complex risk environment and increasing cyber claims, the insurance industry is more diligently assessing companies’ cyber-risk profiles in a bid to incentivise companies to improve their security and risk management controls.
“The good news is we are now seeing a very different conversation on the quality of cyber-risk than a few years ago,” said Mr Sayce. “We are gaining much better insights and appreciate clients going the extra mile in order to provide comprehensive data to us.
“This also helps us to provide more value and offer useful information and advice to customers, such as which controls are most effective or where to further improve risk management and response approaches.”