Analysis of 2018 Cyber Claims Data by Society Insurance

Ransomware. Business email compromise. Spear phishing. This is the new language of business risk. Whether it’s a massive data breach that exposes customer information, or an automated ransomware attack that extorts bitcoin payments from a small business owner, the cybercrime wave continues to swell as the cybercrime economy becomes more sophisticated.

The threat of cyber attacks continues to top the list of executive concerns around the globe. According to the latest survey by The Conference Board, US-based CEO’s rank cybersecurity as their number one concern.

And here’s why…

Statistics on Cyber Attacks

• The Identity Theft Resource Center reports that in 2018 over 1,200 incidents have exposed 440 million records of personal information, an increase of 126% over 2017.

• CyberSecurity Ventures reports that ransomware cost businesses $5 billion worldwide in 2017 and upwards of $8 billion in 2018. And a recent report from the Insurance Industry Cybercrime Task Force noted that ransomware payment demands have significantly increased. “Demands of $250,000 to $500,000 were non-existent six months ago and are now a weekly occurrence.”

• According to the 2018 Verizon Data Breach Investigations Report, 59% of all cyberattacks targeted small businesses. Costs to respond and recover from these attacks averaged almost $385,000. While the nature and extent of attacks on small business vary greatly, 67 percent of small businesses experienced a cyberattack and 58 percent experienced a data breach in the last 12 months.

Cyber Claims Overview

This report is based on nearly 1,800 cyber claims closed in the 2018 calendar year, up 15% over 2017. Overall, policyholders’ claims grew by 38% and cybercrime claims almost doubled from 2017—led by financial fraud.

[Download graphic: 5 Ways Business Owners Put Data At Risk]

Financial Fraud

The most significant increase of cybercrime activity is in financial fraud, with an 89% increase over 2017 claims. Fraudulent transactions are often a result of email phishing schemes.

Phishing Fraud

Phishing schemes have become commonplace and effective—and they are becoming harder to recognize. Phishing attacks rely on human tendencies to trick people into revealing sensitive information, downloading malware, or committing financial fraud. Common phishing examples frequently come from sources with authority, such as: banks, financial institutions, the IRS, police, or company executives.

‘Spear-fishing’ targets a specific individual. Thieves are diligent in gathering background information on their targets from social media, blogs and other websites to appear more credible when crafting their scams. Attackers then play on emotional triggers including fear, urgency, and authority to trick their target into making impulsive decisions without thinking.

While phishing attacks at times led to a data breach in 2018, they often led to financial fraud, like fraudulent payments or wire transfers of funds to fraudulent accounts due to cybercriminals posing as policyholder clients or business partners.

Hacking

Hacking is a method in which cybercriminals illegally gain access to computers. In many 2018 cases, this led to data exposure and data theft. Consequently, policyholders incurred substantial cyber breach response costs.

Ransomware

In 2017 and 2018, ransomware events were front and center as an area of great concern for insureds and remained the second-most cause of loss among cyber claims in each year. Over the past two years, 90 ransomware incidents were resolved among a broad range of businesses. Payment demands were wide-ranging and topped out over $30,000 (and in a variety of currencies). In addition to the actual ransom payments, the technical and legal expenses associated with negotiating and paying the cryptocurrency demands often tripled or quadrupled the cost of resolving the issue with
expenses often soaring over $70,000.

While in years past there has been a growing frequency of ransomware claims, the costs to recover and the demands for payment were not nearly as concerning as this year. In 2019, there has been a huge shift with ransom demands often 10 times more than in years past. In three separate events, ransom demands have ranged from $100,000 to $1.2 million. And, according to a broader study by the NetDiligence Industry Cybercrime Task Force, other carriers are seeing this trend of much higher ransom demands. As ransom demands climb, greater awareness and preparedness among
business owners is critical.

Costs of Cyber Claim

Consistent with 2017 data, the largest costs associated with cyber claims were IT forensics and breach coach/legal expenses.

IT forensic expenses are those related to the investigation of a breach, examination of what data may have been exposed or exfiltrated, cryptocurrency procurement and payment, and data decryption and/or system restoration. IT forensics
costs were up 105% over 2017 and represent 51% of the overall costs of cyber claims.

Breach coach/legal expenses are related to the legal fees incurred in managing the breach response, coordination of vendors and defense costs (where applicable). Breach coach/legal expenses were up 72% over 2017 and represent 30% of overall cyber claims expenses.

2018 Allocation of Cyber Claims Costs

Growing Response Costs

The overall number of cyber incidents grew 38%. This sharp uptick also led to significant increases in the costs of responding to the incidents in most categories, with the greatest increase in ‘notification’ and ‘IT forensics’ costs.

Preventing & Mitigating Losses from a Cyber Attack

We are often asked for suggestions or guidance on how to reduce the risk of a cyber incident. Given the complexity of ‘cyber incidents’ and the wide range of types of attacks, there are no easy answers. However, the more prepared an organization is to repond, the faster they recover.

Explore our data security blog series for educational resources.

As a means of ‘first response’ to a suspected incident, here’s a helpful guide of what to do in various situations to help mitigate the impact:

Keeping Vigilant & Informed of Cyber Incidents

Throughout 2018, we saw a broad range of cyber incidents and a wide variance in the costs of claims. In 2019, the greatest concern is the shift in the severity of these activities. Greater awareness and preparedness is critical.

Business owners should consider an extra layer of protection by adding cyber liability coverage to their current insurance plan. Get in touch with your local Society agent today to learn more.