In the first half of 2024, the frequency of cyber insurance claims for Coalition showed a slight decrease, dropping from 1.61% to 1.55%. However, despite this decrease in frequency, the severity of ransomware attacks increased by a significant 68%, as reported in Coalition’s “2024 Cyber Claims Report: Mid-year Update”. This trend highlighted the persistent threat posed by ransomware to businesses, with an average loss of $353,000 per incident.
The report emphasized the impact of ransomware attacks on businesses with over $100 million in revenue, noting a 140% surge in overall claims severity for this cohort. These businesses suffered an average loss of $307,000, marking a historic high in claims severity. While ransomware accounted for 18% of event types for claims, businesses faced the most significant financial losses due to these attacks.
Despite the overall decrease in claims frequency, ransomware remained a prevalent threat, causing businesses to incur substantial financial losses. The report highlighted a consistent pattern in ransomware activity, with attackers being more active during winter holidays and less so during summer months. This trend indicated a strategic approach by threat actors to maximize their impact and financial gains.
Furthermore, the report detailed the impact of ransomware attacks on specific industries, noting a decrease in attack frequency for some sectors. Notably, businesses in the financial services industry reported a decrease in ransomware frequency across all revenue bands. However, the healthcare sector, particularly businesses with over $100 million in revenue, experienced a 32% dip in ransomware frequency compared to the previous year.
The report also highlighted the significance of supply chain risks in driving ransomware numbers, citing attacks against prominent vendors like United Healthcare’s Change Healthcare and CDK Global. These attacks demonstrated how downstream customers were affected by vulnerabilities in their suppliers, with nearly 75% of auto dealers with over $100 million in revenue impacted by the attack against CDK Global.
In addition to analyzing ransomware trends, the report delved into ransom payments and negotiations. While the decision to pay a ransom remains contentious, the report revealed that 40% of policyholders opted to pay a ransom demand during the first half of 2024. Coalition successfully negotiated ransom demands down by an average of 57%, highlighting the importance of strategic decision-making in response to ransomware attacks.
Moreover, the report identified risky technologies and practices that increased the likelihood of reported claims, emphasizing ongoing challenges with vulnerability management and the implementation of basic security protocols like multi-factor authentication (MFA). Policyholders using specific boundary devices, remote access products, and end-of-life software were found to be more susceptible to cyber attacks, underscoring the need for proactive security measures.
Overall, Coalition’s “2024 Cyber Claims Report: Mid-year Update” pointed to the evolving landscape of cyber threats, with ransomware attacks continuing to pose a significant risk to businesses. The report underscored the importance of robust cybersecurity measures, proactive risk management, and strategic decision-making in mitigating the impact of cyber incidents and safeguarding organizations against financial losses.