Ransomware claims increase 27%

by | Sep 29, 2023 | News, Security

The Coalition Insurance  “2023 Cyber Claims Report: Mid-year Update” highlights the changing nature of the cyber threat landscape that businesses are currently facing, with a record surge in claims severity compared to the previous year.

This is US data but it tends to foreshadow what we can expect here and even the latest Cert NZ quarterly report shows an 8% increase in ransomware locally.

Key Takeaways from the Report:

  • Overall Cyber Claim Growth: 12% uptick in cyber claims during the initial six months of 2023, primarily driven by the increase in ransomware and funds transfer fraud (FTF).
  • Ransomware claims have seen a significant increase, rising by 27% in the first half of 2023
  • Impact on High Revenue Businesses: Companies generating over $100 million in revenue witnessed a significant impact, experiencing a 20% rise in claims volume and a 72% surge in claims severity compared to the second half of 2022.
  • Escalating Ransom Demands: The average ransom demand reached $1.62 million, representing a 47% surge in the past six months and a 74% increase year-on-year.
  • Funds Transfer Fraud (FTF) claims frequency increased by 15% in the first half of 2023, with FTF severity rising by 39%, resulting in an average loss of over $297,000.
  • Email Platform Security: We were surprised to note that organisations using Google Workspace for email demonstrated stronger security measures in comparison to those relying on Microsoft Office 365 or on-premises Microsoft Exchange.  The data suggests that M365 users faced more than double the likelihood of claims relative to Google Workspace users. Meanwhile, on-premises Microsoft Exchange users had an almost threefold probability.

Why the Rise in Ransomware Claims?

Chris Hendricks, Head of Coalition Incident Response, commented: “The cyber threat landscape has evolved, resulting in more frequent and severe claims. It is crucial for organizations to prioritize risk management and enhance their security measures.”

 

What about Microsoft 365?

Microsoft 365 has incredibly strong data security capabilities.  You just have to configure them, and tune them for the organisation.

Features like IRM (information rights management) and DLP (data leak protection) are vital, but they have to be set up and switched on, and that should be based on the needs and policies of the business.

Multi-factor authentication (MFA) is vital.  We’ve been posting about this and talking with clients, and still there are some people that resist – MFA isn’t perfect and it can be overcome, but even so, it is a very powerful first line of defence.

Finally, services like Kinetics KARE Foundation includes 365 scans and anomoly alerts.

The bottom line is that Microsoft 365 is incredibly powerful, and incredibly secure – but it has to be setup properly, and reviewed regularly.  If you aren’t sure about your 365 setup, please get in  touch and we’ll be very happy to help.

 

The Coalition Insurance  “2023 Cyber Claims Report: Mid-year Update” highlights the changing nature of the cyber threat landscape that businesses are currently facing, with a record 117% surge in claims severity compared to the previous year.

 

This is US data but it tends to foreshadow what we can expect here and even the latest Cert NZ quarterly report shows an 8% increase in ransomware locally.

Key Takeaways from the Report:

  • Overall Cyber Claim Growth: 12% uptick in cyber claims during the initial six months of 2023, primarily driven by the increase in ransomware and funds transfer fraud (FTF).
  • Ransomware claims have seen a significant increase, rising by 27% in the first half of 2023
  • Impact on High Revenue Businesses: Companies generating over $100 million in revenue witnessed a significant impact, experiencing a 20% rise in claims volume and a 72% surge in claims severity compared to the second half of 2022.
  • Escalating Ransom Demands: The average ransom demand reached $1.62 million, representing a 47% surge in the past six months and a 74% increase year-on-year.
  • Funds Transfer Fraud (FTF) claims frequency increased by 15% in the first half of 2023, with FTF severity rising by 39%, resulting in an average loss of over $297,000.
  • Email Platform Security: We were surprised to note that organisations using Google Workspace for email demonstrated stronger security measures in comparison to those relying on Microsoft Office 365 or on-premises Microsoft Exchange.  The data suggests that M365 users faced more than double the likelihood of claims relative to Google Workspace users. Meanwhile, on-premises Microsoft Exchange users had an almost threefold probability.

Why the Rise in Ransomware Claims?

Chris Hendricks, Head of Coalition Incident Response, commented: “The cyber threat landscape has evolved, resulting in more frequent and severe claims. It is crucial for organizations to prioritize risk management and enhance their security measures.”

 

What about Microsoft 365?

Microsoft 365 has incredibly strong data security capabilities.  You just have to configure them, and tune them for the organisation.

Features like IRM (information rights management) and DLP (data leak protection) are vital, but they have to be set up and switched on, and that should be based on the needs and policies of the business.

Multi-factor authentication (MFA) is vital.  We’ve been posting about this and talking with clients, and still there are some people that resist – MFA isn’t perfect and it can be oversome, but even so, it is a very powerrful first line of defence.

Finally, services like Kinetics KARE Foundation includes 365 scans and anomoly alerts.

The bottom line is that Microsoft 365 is incredibly powerful, and incredibnly secure – but it has to be setup properly, and reviewed regularly.  If you aren’t sure about your 365 setup, please get in  touch and we’ll be very happy to help.