According to the latest Beazley Breach Insights report, published today, the total cost of ransom payments doubled year-on-year through the first six months of 2020, based on incidents reported to Beazley’s in-house breach response team, BBR Services.
The nature of ransomware attacks has also markedly changed in 2020. Today’s ransomware incidents are more likely to include a threat to release stolen data versus encryption alone. Threat actors increasingly have prior access to a network before deploying their attack, during which time they are working to escalate their privileges, move laterally through the network, and perform reconnaissance on the network and data stored on it. Frequently, they now also exfiltrate data and upload it to an external site, both to prove that they have access and to threaten exposure.
Multiple layers of security needed
Despite the growing complexity of the attacks, there are opportunities to disrupt criminals’ activities during the cyber extortion process, however, this requires regular and thorough training of employees on how to avoid this evolving threat. Organizations should not only try to prevent a ransomware infection, but prepare in case they do get infected, through multiple layers of security, each reducing the risk and probability of ransomware.
Paul Bantick, Beazley’s Global Head of Cyber & Technology, said “In an incredibly challenging year in which ransomware has become the biggest cyber threat to impact individuals and organizations alike, the severity of ransomware attacks has continued to escalate. Our underwriting, claims and threat intelligence database shows that ransomware attacks are much more sophisticated and severe, thus, it is critical that organizations adopt a layered approach to security and take stringent measures to make it hard for threat actors at every step.
“Throughout 2020, our award-winning claims and BBR Services teams have risen to the challenge to help thousands of clients respond to these fast-moving and complex events while maintaining exemplary service levels. As the year comes to a close, I would like to thank our brokers and insureds for their support in 2020.”
For risk management tips on reducing the risk of ransomware read the full Beazley Breach Insight here.