Ayodeji Ayenuwa
In a stark warning, Allianz Commercial has reported a resurgence of ransomware and extortion attacks in 2023. The report indicates an increase in cyber threats, with hackers now targeting both IT and physical supply chains, posing a threat to businesses of all sizes.
According to the report, “Cybersecurity Trends 2023: The Latest Threats and Risk Mitigation Best Practices – Before, During, and After a Hack,” the frequency of cyber claims is on the rise, with a projected 25% annual increase by the end of this year.
Scott Sayce, Global Head of Cyber at Allianz Commercial, notes, “Cyber claims frequency has picked up again this year as ransomware groups continue to evolve their tactics.” Sayce also highlights that “the attackers are back, and focused again on Western economies, with more powerful tools, enhanced processes, and attack mechanisms.”
Data Theft And Extortion Incidents Soar
The report reveals a notable trend: the increasing theft of personal and sensitive commercial data by cybercriminals for extortion purposes. This not only drives up the complexity of incidents but also raises concerns about potential damage to a company’s reputation.
One of the concerning trends is the rise of double and triple extortion incidents, as Michael Daum, Global Head of Cyber Claims at Allianz Commercial, points out, “Double and triple extortion incidents—using a combination of encryption, data exfiltration, and Distributed Denial of Service attacks—to obtain money are not new but they are now more prevalent.” Factors contributing to this trend include the growing collection of personal data and stricter global privacy regulations.
Data exfiltration significantly drives up the cost of cyber claims, as companies must not only determine what data was stolen but also notify affected customers who may seek compensation or legal action.
Ransomware Attacks
Large-scale ransomware attacks, such as the MOVEit attack, which exploited software vulnerabilities and IT supply chain weaknesses, have contributed to the increase in claims in 2023. As Daum states, “More mass cyber-attacks can be expected in the future.” He emphasizes the need for companies and their insurers to better understand the interconnectivity and dependencies that exist between organizations and within digital supply chains.
The report also highlights a growing number of cyber incidents becoming public knowledge, with Rishi Baviskar, Global Head of Cyber Risk Consulting at Allianz Commercial, noting that, “Today, if you have data exfiltration, it will likely go public, and every company needs to be prepared for this.”
Consequently, more companies are opting to pay ransoms, with the percentage increasing from 10% in 2019 to 54% in 2022. However, paying a ransom for stolen data doesn’t necessarily resolve the issue, as third-party litigation, especially in the United States, remains a possibility.
The report underscores the importance of early detection and fast response capabilities in mitigating the impact of cyber-attacks. As Baviskar states, “Detection systems are constantly improving and can save lots of pain, decreasing detection and response times.”
Ultimately, the Allianz Commercial report highlights the evolving cyber threat landscape, increased data exfiltration, and the prominence of ransomware attacks. Emphasizing that early detection and rapid response can significantly reduce the impact of these attacks, ensuring a sustainable cyber insurance market in the future.
Techrectory with Agency Report.
