Cyber securityÌýtrends 2023
The latest threats and risk mitigation best practice â€“ before, during and after a hack
Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. 2023 has seen a worrying resurgence in ransomware and extortion claims, resulting in an uptick in costly incidents, demonstrating that although progress is being made, the threat posed by ransomware shows little sign of abating.
Reports note that the number of ransomware victims surged by as much as 143% globally during the first quarter of 2023 with January and February seeing the highest number of hack and leak cases in three years. Ransomware alone is projected to cost its victims approximately US$265bn annually by 2031.
Hackers are increasingly targeting IT and physical supply chains, launching mass cyber-attacks and finding new ways to extort money from companies, large and small. Most ransomware attacks now involve the theft of personal or sensitive commercial data for the purpose of extortion, adding further cost and complexity, as well as the increased potential for reputational damage and third-party liability. ÐÇ¿Õ´«Ã½ analysis of a number of large insurance industry cyber losses shows that the proportion of cases in which data is exfiltrated is increasing every year â€“ from 40% of cases in 2019 to around 77% of cases in 2022, with 2023 on course to surpass last yearâ€™s total.
Protecting an organization against intrusion remains a cat and mouse game, in which the cyber criminals have the advantage. Threat actors are now exploring ways to use artificial intelligence (AI) to automate and accelerate attacks, creating more effective AI-powered malware and phishing. Combined with the explosion in connected mobile devices and 5G-enabled Internet of Things, the avenues for cyber-attacks look only likely to increase in the coming years.
Preventing a cyber-attack is therefore becoming harder, and the stakes higher. As a result, early detection and response capabilities are becoming ever more important. An intrusion can quickly escalate, and once data is encrypted and / or stolen, the consequences and costs snowball â€“ costs can be as much as, or even more than, 1,000 times higher than if an incident is not detected and contained early, ÐÇ¿Õ´«Ã½ analysis shows.
Ultimately, early detection and effective response capabilities will be key to mitigating the impact of cyber-attacks and ensuring a sustainable insurance market going forward.
Threat landscape:ÌýResurgent ransomwareÌýtargets data and supply chains
- Ramsomware groups continue to adaptÌýtheir tactics and business models in response to cyber security changes.
- Ransomware-as-a-Service (RaaS)Ìýremains a key driver for the ongoingÌýfrequency of attacks.
- Double and triple extortion attacksÌýare not new, but they are nowÌýmore prevalent, and potentiallyÌýmore impactful and costly forÌýaffected companies.Ìý
- Supply chain-enabled ransomwareÌýattacks have now become an establishedÌýpart of the ransomware playbook.
- Rise in mass ransomware attacks meansÌýinsurers will need to better understandÌýthe interconnectivity and dependenciesÌýthat exist between companies and withinÌýdigital supply chains.
Future threats:ÌýAI, IoT and skills shortageÌýto fuel future cyber-attacks
- AI-powered language models and voice simulation software recent additions to the cyber criminalâ€™s arsenal.
- ÐÇ¿Õ´«Ã½ Commercial has seen a growing number of incidents caused by poor cyber security around mobile devices.
- Technical skills crisis in cyber security is also increasing the cost of responding to an incident.
Claims: Stabilization trendÌýthreatened by mass attacksÌýand data exfiltration
- Ransomware and extortion-based attacks remain the largest source of cyber insurance claims by volume and frequency.Ìý
- In addition to extortion claims, there has also been an uptick in the number of data privacy claims in the US, related to biometric information.
- ÐÇ¿Õ´«Ã½ analysis of large cyber losses shows that the number of cases in which data is exfiltrated has significantly increased, as has the number of incidents becoming public.
- ÐÇ¿Õ´«Ã½ Commercial claims analysis shows that breaches that are not detected and contained early can be 1,000 times more expensive.
Number of cyber-related claims per year
Mitigation: Early detectionÌýis key to combatingÌýemerging cyber threat
- The key to avoiding damaging cyber-attacks and mitigating losses is to detect an attack in its early stages.
- Companies should direct additional cyber security spend on detection and response. Only one third of companies discover a breach through their own security teams.
- Companies that are routinely and properly managing their data, and making sure it is stored appropriately, and deleted when it is no longer required, will reduce their risks.
- Smaller companies need to develop a clear understanding of their potential risks and allocate ample resources in terms of personnel, IT infrastructure, and budget to implement tailored security measures.
- Midcorps must identify their crucial IT assets, then collaborate with cyber security service partners to deploy detection and monitoring tools at the network perimeter and endpoints.