Coalition’s newly released 2022 Cyber Claims Report shows that fewer claims were made in the first half of this year because both the number and severity of ransomware attacks went down. However, this does not mean that organizations are safe.
Demands for ransomware fell from $1.37 million in the second half of 2021 to $896,000. Manufacturing and industrial supply chain businesses remain the most common targets, while non-profit policyholders report a startling 57% increase in the number of claims.
Chris Hendricks, Coalition’s head of incident response, stated that this is good news because “organizations are becoming more aware of the threat ransomware poses.” In fact, Coalition policyholders made half as many claims as the rest of the market. Furthermore, these claims aren’t as bad as they used to be, and nearly half of them are free to fix.
Hendricks said, “They have started to put in place controls like offline data backups that let them not pay the ransom and still get their operations back up and running.”
But because ransomware attacks don’t work as well as they used to, hackers are now using “more reliable” phishing methods like funds transfer fraud (FTF) to go after individual employees. From H2 2021 to H1 2022, the percentage of claims in which phishing was the primary attack method increased from 42% to 58%.
Small and medium-sized businesses with annual revenue of less than $25 million are asked to be more cautious because they have less money to deal with attacks. The average cost of a small business claim increased 58% from H1 2022 to US$139,000 in H1 2022.
“Across industries, we continue to see high-profile attacks on organizations with weak or exposed infrastructure,” said Catherine Lyle, Coalition’s head of claims. This is exacerbated by today’s remote work culture and companies’ reliance on third-party vendors.” “Small businesses are especially vulnerable because they frequently lack sufficient funds or resources.” It’s important for these businesses to avoid downtime and other problems, and they need to know that active insurance is available.
Ransomware gangs are becoming more common, so Coalition warned that cyber incidents could put small businesses out of business. This is why they need to take an active approach to managing risk.
Coalition wrote in the report, “Our claims data on the top cyber incident trends shows how important it is for organizations of all sizes to stay alert.” “Cybercriminals have made a way to make money that is both profitable and here to stay.”