New data from cyber insurer Coalition puts the spotlight on not only how much worse attacks are getting, but claim data paints the picture that organizations just aren’t ready.
No one hears more about cyberattacks than insurers. The ones we all hear about in the news are but a fraction of the actual number of attacks organizations experience every day. Cyber insurers like Coalition are given an unadulterated view into attacks most of us will never see. To investigate a claim, they need to uncover every detail about an attack, the security measures in place, and everything in between.
So when a cyber insurer puts out a report based on their insured’s experienced with cyber attacks, it’s a reputable data set that you should take warning from. In cyber insurer Coalition’s 1H 2021 Cyber Insurance Claims Report, we see a common trend of growth, innovation, and expense tied to cyberattacks:
- Business Email Compromise (BEC) attacks are up 51% over the first half of last year
- Funds transfer fraud (FTF) is up 28% in the same timeframe
- Ransoms are up 170%
- Funds stolen as part of FTF is up 179%
- Attacks against organizations under 250 seats have increased 57%
- The number of claims has increased more than 100% in enterprise organizations, with smaller but ubiquitous growth in the number of claims across all org size segments
Coalition also does a great job breaking down the initial attack vector in each claim (shown below):
Source: Coalition
It’s evident that phishing plays the greatest role in attacks (representing 48% of attacks in claims), providing threat actors with the access and privilege they need to, at very least, begin infiltrating the victim network.
This is why it’s so important to put Security Awareness Training in place to ensure that every part of your network – including the user themselves – plays a role in stopping email-based cyber attacks, well before the damage is done and a claim needs to be filed.
