The average ransom demand increased by 20% to $1.8 million, but ransom payouts by Coalition policyholders decreased by 16%, according to a review of cyber claims data by the cyber MGA. In the second half of 2021, the severity of ransomware claims increased by 10%, while the frequency increased by 23%, with healthcare firms bearing the brunt of the attacks.
“We anticipate that the severity of ransomware will continue to flatten over time. As we predicted in our previous Claims Report, there is little leverage threat actors can gain beyond what they already have once they have taken an organization’s operations and data hostage,” said Coalition.
Despite some encouraging signs regarding ransomware, costs continue to rise for organizations that can least afford it. The average claim cost increased by 56% for businesses with less than $25 million in revenue, to $149,000. According to the report, the severity of claims for middle-market businesses increased 54 percent to $358,000 between the first and second halves of the year.
Over the course of 2021, cybercriminals also demonstrated adaptability, shifting tactics to take advantage of digital supply chains and widespread software vulnerabilities. Microsoft Exchange vulnerabilities continue to evolve – businesses that use Microsoft Exchange saw a 108 percent increase in claims when compared to organizations that did not use the tool.
“This heralds an era of omnidirectional threat-equality — cyber threats are ever-present from all angles,” wrote Coalition in its report. “While ransomware may be the most newsworthy, no attack vector can be trivialized or ignored.”
While ransomware claims continued to cost more than other types of cyberattacks on average, losses due to funds transfer fraud (FTF) increased by 69% in 2021. Between the first and second halves of 2021, the frequency of smaller organizations increased by 54%, and losses (before funds recovery) increased by 102%. Frequency increased by 68 percent in the middle market, but initial losses decreased.
"While much has changed since our last report, one constant has remained: organizations continue to be targeted by criminals because they have made poor technological choices, often exposed to the public internet, that make them vulnerable," the Coalition stated in the report.
Coalition's CEO and co-founder, Joshua Motta, claims that the company was able to contain 46 percent of reported incidents in 2021 at no cost to policyholders. In conjunction with the release of the cyber claims report, Coalition announced the launch of "Active Insurance," a new risk transfer model that provides ongoing risk assessments, protection, and response.