Report | October 2023
Cyber securityÌýtrends 2023
The latest threats and risk mitigation best practice – before, during and after a hack
Investments in cyber security are paying off but an evolving threat landscape will require much greater focus on early detection and response capabilities.
Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. 2023 has seen a worrying resurgence in ransomware and extortion claims, resulting in an uptick in costly incidents, demonstrating that although progress is being made, the threat posed by ransomware shows little sign of abating.
Reports note that the number of ransomware victims surged by as much as 143% globally during the first quarter of 2023 with January and February seeing the highest number of hack and leak cases in three years. Ransomware alone is projected to cost its victims approximately US$265bn annually by 2031.
Hackers are increasingly targeting IT and physical supply chains, launching mass cyber-attacks and finding new ways to extort money from companies, large and small. Most ransomware attacks now involve the theft of personal or sensitive commercial data for the purpose of extortion, adding further cost and complexity, as well as the increased potential for reputational damage and third-party liability. Â鶹´«Ã½app analysis of a number of large insurance industry cyber losses shows that the proportion of cases in which data is exfiltrated is increasing every year – from 40% of cases in 2019 to around 77% of cases in 2022, with 2023 on course to surpass last year’s total.
Protecting an organization against intrusion remains a cat and mouse game, in which the cyber criminals have the advantage. Threat actors are now exploring ways to use artificial intelligence (AI) to automate and accelerate attacks, creating more effective AI-powered malware and phishing. Combined with the explosion in connected mobile devices and 5G-enabled Internet of Things, the avenues for cyber-attacks look only likely to increase in the coming years.
Preventing a cyber-attack is therefore becoming harder, and the stakes higher. As a result, early detection and response capabilities are becoming ever more important. An intrusion can quickly escalate, and once data is encrypted and / or stolen, the consequences and costs snowball – costs can be as much as, or even more than, 1,000 times higher than if an incident is not detected and contained early, Â鶹´«Ã½app analysis shows.
Ultimately, early detection and effective response capabilities will be key to mitigating the impact of cyber-attacks and ensuring a sustainable insurance market going forward.
Threat landscape:ÌýResurgent ransomwareÌýtargets data and supply chains
Ransomware remains the top cyber threat and the single largest cause of cyber insuranceÌýclaims by some distance. Following a short hiatus in 2022, ransomware attackÌýfrequency has picked up again in 2023 as threat actors use data exfiltration and supplyÌýchain attacks to maximize their leverage.Ìý
Key developments
- Ramsomware groups continue to adaptÌýtheir tactics and business models in response to cyber security changes.
- Ransomware-as-a-Service (RaaS)Ìýremains a key driver for the ongoingÌýfrequency of attacks.
- Double and triple extortion attacksÌýare not new, but they are nowÌýmore prevalent, and potentiallyÌýmore impactful and costly forÌýaffected companies.Ìý
- Supply chain-enabled ransomwareÌýattacks have now become an establishedÌýpart of the ransomware playbook.
- Rise in mass ransomware attacks meansÌýinsurers will need to better understandÌýthe interconnectivity and dependenciesÌýthat exist between companies and withinÌýdigital supply chains.
Future threats:ÌýAI, IoT and skills shortageÌýto fuel future cyber-attacks
Artificial intelligence (AI) is widely expected to power future ransomware attacks,Ìýwith automated attack processes, more convincing phishing, and faster malwareÌýdevelopment. However, it could also enhance cyber security, with more effective andÌýfaster detection and threat intelligence.Ìý
Key developments
- AI-powered language models and voice simulation software recent additions to the cyber criminal’s arsenal.
- Â鶹´«Ã½app Commercial has seen a growing number of incidents caused by poor cyber security around mobile devices.
- Technical skills crisis in cyber security is also increasing the cost of responding to an incident.
Claims: Stabilization trendÌýthreatened by mass attacksÌýand data exfiltration
Cyber claims frequency picked up again during the first half of 2023, althoughÌýimproved cyber security over the past two years has helped control first party lossesÌýand improve the overall quality of risk.
Key developments
- Ransomware and extortion-based attacks remain the largest source of cyber insurance claims by volume and frequency.Ìý
- In addition to extortion claims, there has also been an uptick in the number of data privacy claims in the US, related to biometric information.
- Â鶹´«Ã½app analysis of large cyber losses shows that the number of cases in which data is exfiltrated has significantly increased, as has the number of incidents becoming public.
- Â鶹´«Ã½app Commercial claims analysis shows that breaches that are not detected and contained early can be 1,000 times more expensive.
Number of cyber-related claims per year
Totals include all cyber-related claims per year. 2023 1H of the year only.
Source: Â鶹´«Ã½app Commercial
Mitigation: Early detectionÌýis key to combatingÌýemerging cyber threat
The vast majority of cyber-attacks are contained quickly and, if insured, often fall within policy deductible levels, or are not even notified. According to Â鶹´«Ã½app analysis, just 2% of claims drive the overall loss amount, and in almost all cases these would have benefited from early detection. Meanwhile, good data management is essential to mitigating the impact of data exfiltration attacks, as are a growing number of specialist services.
Key developments
- The key to avoiding damaging cyber-attacks and mitigating losses is to detect an attack in its early stages.
- Companies should direct additional cyber security spend on detection and response. Only one third of companies discover a breach through their own security teams.
- Companies that are routinely and properly managing their data, and making sure it is stored appropriately, and deleted when it is no longer required, will reduce their risks.
- Smaller companies need to develop a clear understanding of their potential risks and allocate ample resources in terms of personnel, IT infrastructure, and budget to implement tailored security measures.
- Midcorps must identify their crucial IT assets, then collaborate with cyber security service partners to deploy detection and monitoring tools at the network perimeter and endpoints.
Cyber security trends 2023
The latest threats and risk mitigation best practice – before, during and after a hack
Download the report
Simply fill out the form below to receive an email from us with the link to the full report.
Enjoy reading!
Ìý
Fields marked with asterisk (*) are mandatory.
