Active insurance provider Coalition has released its 2024 Cyber Claims Report, shedding light on key cyber threats and their implications for policyholders throughout 2023.
Notably, the report revealed that over half (56%) of all cyber claims during the year stemmed from funds transfer fraud (FTF) or business email compromise (BEC), a result which Coalition explains underscores the importance of robust email security measures.
Further findings from the report indicate heightened vulnerabilities associated with certain network security devices. Specifically, businesses utilising internet-exposed Cisco ASA devices were nearly five times more likely to file a cyber claim in 2023. Similarly, those using Fortinet devices experienced a doubled likelihood of filing a claim.
Additional statistics include a 13% year-over-year increase in overall claims frequency and a 10% rise in overall claims severity, resulting in an average loss of $100,000. Businesses with revenues between $25 million and $100 million were particularly impacted, witnessing a 32% surge in claims frequency.
Despite a global rise in ransomware payments reaching $1 billion, Coalition observed a 54% decrease in the severity of ransomware incidents among its policyholders. However, ransomware frequency and severity still rose overall in 2023, with average losses exceeding $263,000. When necessary, Coalition facilitated negotiations that reduced ransom demands by an average of 64%.
The report also noted a 15% increase in FTF frequency and a 24% rise in severity, with average losses topping $278,000. Meanwhile, BEC claims saw a modest 5% increase in frequency, though their severity decreased by 15%.
Robert Jones, Coalition’s head of global claims, explained the prevalence of these types of claims.
“Threat actors want to get paid, and the email inbox has proven to be an easy place for an attacker to uncover payment information and potentially intervene in payment processes to steal funds,” Jones said. “In 2023, Coalition endeavoured to make recovering from a cyber incident as painless as possible for our policyholders: We successfully helped claw back more than $38 million in fraudulent transfers and handled 52% of all reported matters without out-of-pocket payments.”
Shelley Ma, incident response lead at Coalition’s affiliate, Coalition Incident Response, highlighted another significant risk.
“We also found that policyholders using internet-exposed remote desktop protocol were 2.5 times more likely to experience a claim,” Ma noted.
She added that the advent of new AI tools has simplified the execution of targeted cyberattacks, making proactive digital risk management more critical than ever.
What are your thoughts on this story? Please feel free to share your comments below.
