The first half of 2023 saw a significant increase in the number of applications for cyber insurance, driven by the rising use of ransomware in cyber attacks, according to a recent report by Coalition, a cyber insurance specialist.
The study reveals that ransomware has become the primary driver behind the increased frequency of insurance applications, which has risen by 12% compared to the previous year. Nearly one in every five cyber attacks resulting in insurance payouts was associated with ransomware, with the most common variants being malicious software from Royal, BlackCat, and LockBit.
May was particularly active: Coalition reports that it saw the highest number of insurance applications due to extortion attacks in the company's history.
“After 18 months of declining activity, it seemed that extortion attacks were becoming a thing of the past,” write the authors of the report. “However, the recent upsurge in both the frequency and severity of insurance payment applications indicates that cybercriminals are still profiting greatly from these types of attacks.”
Victims of ransomware reported an average damage cost of over $365,000, surpassing the previous record of $227,000 set in the second half of the previous year.
While it is often difficult to determine exactly how much companies pay to extortion groups, Coalition’s data helps provide insights into the scale and frequency of these payments. The average payment demand among the insurance company’s clients amounted to $1.62 million, marking a 74% increase compared to the previous year.
According to the report, 36% of Coalition’s customers who experienced an attack chose to pay the ransom where it was considered reasonable and necessary. Through negotiations, the amounts were typically reduced by an average of 44% from the attackers’ initial demand.
Large companies with annual incomes exceeding $100 million suffered the greatest losses due to the surge in these attacks, resulting in insurance payments increasing by over 70%.
The report also highlights a rise in fraudulent fund transfers. In the first half of the year, the number of such cases increased by 15%, with the severity of the damage rising by 39%, averaging nearly $300,000. However, this amount was still lower than the record of $410,000 set in the first half of 2021.
“The complex tactics employed by cybercriminals contribute to the increased severity of damages from fund transfer fraud,” note the report’s authors.
“The longer hackers remain undetected within compromised email accounts, the more difficult it becomes to identify their intervention and report suspicious activity.”