Cyber intrusion activity worldwide jumped by 125% in the first half of 2021 compared to the same period in 2020, according to Accenture, with ransomware and extortion operations one of the major contributors behind this increase.
In a new Cyber Insights report, entitled ‘Ransomware trends: Risks and Resilience’ AGCS said
the increasing frequency and severity of ransomware incidents are driven by:
Scott Sayce, global head of cyber at AGCS, said not all attacks are targeted as cyber criminals often adopt a scattergun approach to exploit those businesses that are not addressing or understanding the vulnerabilities they may have.
“As insurers, we must continue to work with our clients to help businesses understand the need to strengthen their controls. At the same time, in today's rapidly evolving cyber insurance market, providing emergency response services, as well as financial compensation, is now the standard,” Sayce added.
The cyber risk trends are mirrored in AGCS's claims experience, with the insurer receiving more than a thousand cyber claims overall in 2020, up from about 80 in 2016. Specifically, the number of ransomware claims (90) rose by 50% compared to 2019 (60).
The insurer's claims analysis found that business interruption (BI) and restoration costs are the main drivers behind cyber losses such as ransomware attacks, accounting for over 50% of the value of close to 3,000 insurance industry cyber claims worth around €750 million ($885 million) it has been involved in over six years.
So how can companies protect themselves from the “ransomware pandemic? AGCS suggested focusing on:
“In around 80% of ransomware incidents losses could have been avoided if the organizations had followed best practices,” said Rishi Baviskar, global cyber experts leader at AGCS Risk Consulting. “Regular patching, multi-factor authentication, as well as information security and awareness training and incident response planning are essential to avoiding ransomware attacks and also constitute good cyber hygiene.
“If companies adhere to best practice recommendations there is a good chance that they will not become ransomware victims. Numerous security gaps can be closed, often with simple measures.”