Over two-fifths (41%) of insurance claims in North America in the first half of the year were related to ransomware attacks, according to new industry data.
The figures from cyber-insurance provider Coalition, which claims to have over 25,000 SMB clients in the US and Canada, provide a handy insight into the biggest threats to organizations today.
Aside from ransomware, fund transfer losses (27%) and business email compromise (BEC) incidents (19%) rounded out the top three attack types by number of claims in the period.
These two are essentially the same kind of scam, although BEC is committed solely via email whereas fund transfer losses might involve other channels such as phone calls. Together the top three accounted for 87% of all claims in the first six months of 2020.
Coalition’s head of business operations, Jen McPhillips, explained that the number one root cause of ransomware incidents during the period was exploitation of remote access. This indicates that the shift to remote working has provided new opportunities for cyber-criminals to monetize corporate attacks.
This chimes with data released by ESET in June, which pointed to a sharp spike in RDP attacks over the first few months of 2020: from just under 30,000 in December to over 100,000 during May.
As for BEC and fund transfer scams, they accounted for almost half of all cybercrime losses recorded by the FBI last year: coming in at a staggering $1.8bn. This is up from around $1.3bn out of a total of $2.7bn in 2018.
“Email intrusion, invoice manipulation and domain spoofing were the most common attack techniques for funds transfer fraud incidents,” McPhillips continued. “Organizations that use Microsoft Outlook for email were more than three-times as likely to experience a business email compromise compared to organizations that use Google Gmail.”