Malware attacks that encrypt company data and systems and demand a ransom payment for release continue to surge globally. The increasing frequency and severity of ransomware incidents is driven by several factors: the growing number of different attack patterns such as ‘double’ and ‘triple’ extortion campaigns; a criminal business model around ‘ransomware as a service’ and cryptocurrencies; the recent skyrocketing of ransom demands; and the rise of supply chain attacks.

“The number of ransomware attacks may even increase before the situation gets better,” says Scott Sayce, global head of cyber at AGCS. “Not all attacks are targeted. Criminals also adopt a scattergun approach to exploit those businesses that aren’t addressing or understanding the vulnerabilities they may have. As insurers we must continue to work with our clients to help businesses understand the need to strengthen their controls. At the same time, in today’s rapidly evolving cyber insurance market, providing emergency response services, as well as financial compensation, is now the standard.”

Cyber intrusion activity globally jumped 125% in the first half of 2021 compared with the previous year, according to Accenture, with ransomware and extortion operations one of the major contributors behind this increase.

According to the FBI, there was a 62% increase in ransomware incidents in the US in the same period that followed an increase of 20% for the full year 2020.

These cyber risks trends are mirrored in AGCS’ own claims experience. AGCS was involved in over a thousand cyber claims overall in 2020, up from around 80 in 2016; the number of ransomware claims (90) rose by 50% on 2019 (60). In general, losses resulting from external cyber incidents such as ransomware or DDoS attacks account for most of the value of all cyber claims analysed by AGCS over the past six years.

Share Story: