Cyber threats have been on the rise in the first half of 2024, with cybercriminals taking advantage of security vulnerabilities stemming from the increasing consolidation of businesses and technologies. According to Resilience, the rebound in merger and acquisition activity, coupled with the trend towards technology consolidation, has created a plethora of new potential weak points for malicious actors to exploit.
The global M&A deal volume surged by 36% in the first quarter of 2024, signaling positive economic growth but also highlighting the heightened risk posed by such consolidation. Industries relying on a single supplier for critical platform services face significant repercussions if that supplier falls victim to a breach. Apart from the financial toll of ransom payments, organizations hit by such breaches also experience business interruptions and revenue losses.
Notable cyber incidents involving heavily interconnected systems, like those affecting Change Healthcare, CDK Global, and CrowdStrike, underscore the far-reaching consequences of attacks on interconnected systems. The BlackCat hacking group, responsible for the Change Healthcare breach, had already made a name for themselves in 2023 as the most costly ransomware attacker, with their attacks accounting for 18% of covered losses.
Resilience CEO Vishaal Hariprasad emphasized the need for a reevaluation of how business leaders address cyber risks in the current landscape. With increased vendor interdependence and M&A activity, organizations are more vulnerable to cyber threats than ever before, necessitating a collaborative approach to cybersecurity across industries.
Ransomware has emerged as the primary source of financial loss since January 2023, with 64% of ransomware-related claims resulting in losses. The severity of financial losses due to ransomware attacks surged by 411% from 2022 to 2023, underlining the escalating threat posed by such attacks. Vendor-driven claims, stemming from vendor data breaches or ransom attacks exploiting third-party vulnerabilities, have become the fastest-growing cause of loss for claims overall.
The manufacturing and construction sectors witnessed a significant uptick in cyber claims in 2024, with manufacturing accounting for 41.7% of all claims and construction for 25.0%. Tom Egglestone, global head of claims at Resilience, highlighted the inadequacy of considering cybersecurity merely as a budgetary line item, stressing the importance of adopting a risk-centric approach grounded in understanding the financial impact of cyber threats.
In conclusion, the increasingly interconnected nature of modern businesses and technologies has magnified the threat posed by cybercriminals, necessitating a proactive and collaborative approach to cybersecurity to mitigate risks effectively. With cyber threats evolving and intensifying, organizations must prioritize robust security measures and cultivate a culture of resilience to safeguard against potential cyber-attacks and financial losses.