In the rapidly evolving cyber threat landscape, the year 2024 has seen a dramatic increase in ransomware attack severity, according to Coalition’s newly released 2024 Cyber Claims Report: Mid-year Update. The report reveals that while the overall frequency of ransomware attacks decreased, the financial impact of each successful attack soared by 68%, with the average loss reaching $353,000. This trend highlights how cybercriminals are shifting their focus towards larger, more damaging attacks, leveraging new ransomware variants like Play and BlackSuit.
Our takeaways follow, you can get the whole report here. As you read, keep in mind the recent piece “The ransomware battle is shifting — so should our response” by Anne Neuberger, the U.S. Deputy National Security Adviser for Cyber and Emerging Technology.
Ransomware Remains a Major Threat Despite Frequency Drop
“Although the frequency of using ransomware as an attack strategy actually decreased this half, we saw a marked spike in the severity and demand amounts, especially those associated with the Play and BlackSuit ransom variants,” said Rob Jones, Coalition’s Head of Claims. Coalition’s Incident Response team played a critical role in negotiations, successfully reducing ransom demands by 50%. However, even with these efforts, the overall severity of ransomware attacks remains a significant concern for businesses.
The report sheds light on how ransomware continues to evolve as one of the most lucrative cybercrimes. Despite a decrease in the number of attacks, cybercriminals have increased their focus on large organizations, demanding higher ransoms that result in more substantial financial losses. This trend demonstrates the volatility and persistent threat posed by ransomware in 2024.
Funds Transfer Fraud Declines, But Impact Remains
On a more positive note, Coalition reported a 2% decrease in the frequency of funds transfer fraud (FTF) incidents and a 15% drop in their severity, with average losses falling to $218,000. Coalition successfully recovered $10.8 million in fraudulent payments on behalf of policyholders, underscoring the importance of quick action and expert incident response in mitigating losses from such schemes.
While the decline in FTF is promising, the report highlights that certain sectors, such as financial services and nonprofits, experienced an increase in claims. For example, financial services businesses saw a 34% uptick in FTF claims, furthering a trend that has persisted over the past 18 months.
Third-Party Risk Aggregation Events Cause Widespread Disruption
In addition to direct cyberattacks, third-party risk aggregation events emerged as a growing concern in the first half of 2024. Two significant events—the ransomware attacks on Change Healthcare and CDK Global—demonstrated how a single cyber event can trigger widespread disruption across multiple organizations. The Change Healthcare attack impacted 23% of healthcare businesses with over $100 million in revenue, while the CDK Global attack affected 75% of auto dealerships in the same revenue band.
These events highlight the increasing interconnectedness of modern businesses and the fragility of the technology systems that underpin their operations. As Rob Jones noted, “As third-party risk continues to grow and aggregation events become part of the business lexicon, it’s equally important to spotlight how Coalition continues to take an active role in risk mitigation for policyholders.”
Business Email Compromise Continues to Rise
Another alarming trend revealed in the report is the ongoing increase in business email compromise (BEC) incidents. BEC accounted for nearly one-third of all cyber insurance claims in the first half of 2024, with the frequency of these events rising by 4% compared to 2023. The rise in BEC is attributed to threat actors using artificial intelligence (AI) to craft more convincing phishing emails, allowing them to infiltrate inboxes at scale.
Subscribe to our newsletter!
While BEC incidents are generally less costly than ransomware attacks, their growing frequency makes them a significant concern for businesses of all sizes. The average loss from BEC incidents in 2024 was $26,000, representing a 30% decrease in severity, thanks in part to improved detection and response measures.
Exposed Login Panels and Non-encryption System Compromises Pose Increasing Risk
The report also highlights the dangers of exposed login panels and non-encryption system compromises. Businesses using web-accessible applications were found to be 3.1 times more likely to experience a cyber claim. These exposed login panels present a prime target for cybercriminals, who use automated tools to search the internet for vulnerable entry points.
Non-encryption system compromises, which include data breaches that occur without the use of encryption, accounted for nearly two-thirds of all reported “Other” cyber events in the first half of 2024. This trend underscores the importance of maintaining robust security controls, such as encryption, to protect sensitive data from unauthorized access.
Active Insurance: Coalition’s Proactive Approach to Cyber Risk
Coalition continues to advocate for a proactive approach to cyber risk through its “Active Insurance” model. This approach integrates cyber risk assessment, proactive protection, expert response, and comprehensive coverage to help businesses stay ahead of digital threats. Coalition’s success in reducing the impact of ransomware and recovering fraudulent funds illustrates the value of this hands-on approach.
“As the frequency and severity of cyber threats evolve, so must the strategies we employ to protect businesses,” said Jones. “Coalition is committed to staying one step ahead by continuously refining our risk mitigation strategies and helping our policyholders navigate the complex and ever-changing cyber landscape.”
Looking Ahead: The Future of Cyber Risk in 2024
The first half of 2024 has been marked by the increasing severity of cyberattacks, particularly ransomware, as well as the growing threat of third-party risk aggregation events. Coalition’s report provides valuable insights into these emerging trends and highlights the importance of proactive risk management in minimizing the financial impact of cyber events.
As cybercriminals continue to evolve their tactics, leveraging AI and targeting vulnerable technologies, businesses must remain vigilant. Coalition’s 2024 Cyber Claims Report: Mid-year Update serves as a reminder that the cyber threat landscape is constantly shifting.
Other News: Ransomware and Data Exfiltration Continue to Dominate Cyber Losses – Allianz Report(Opens in a new browser tab).
Other News: The Internet Archive slammed by DDoS attack and data breach.