This month, PacketWatch CEO Chuck Matthews discusses the top three trends in cyber insurance losses. Read on to learn how to protect your organization from these threats.
In Munich RE’s Mid-Year State of the Cyber Market Update, Miguel Canals, SVP, Senior Cyber Underwriter, identified three items representing key loss trends in the cyber insurance markets. These losses point to the areas that deserve more of our attention.
The three main trends driving losses in 2023 are:
The list also resembles what PacketWatch has seen in our recent investigations.
92% of people who paid were not able to recover all their data, according to Forbes. Additionally, 80% were targeted again after paying.
Yet ransomware gangs have raked in more than $1.9 billion over the past 3 years, according to the 2023 Chainalysis Crypto Crime report, in part thanks to insurers facilitating ransom payments.
This scourge will only stop when people stop paying the criminals.
Recently, a U.S.-led alliance of forty countries stated their intention to sign a pledge never to pay ransom to cybercriminals, according to a White House official.
That’s encouraging, but will they follow through? That remains to be seen.
As more stolen data is posted (because fewer people are paying), privacy matters surrounding the stolen data are taking center stage, and regulators are ready to come after the firms involved.
This is a double whammy for impacted firms. After suffering through the damage from the ransomware, firms get hit by privacy lawsuits and enforcement actions from regulators.
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced its first enforcement action related to ransomware.
Doctors' Management Services, determined to be a business associate (BA) under HITECH, reached a $100,000 settlement (fine) and three years of HIPAA compliance monitoring after a ransomware breach exposed the data of 206,695 individuals. Add to that case the recent cyber enforcement actions by the FTC and SEC.
Regulators wield a large stick, and you’d better be prepared for them to come for you following an attack. This trend will certainly increase over the next few years.
The MOVEit calamity, exploited by the Clop ransomware gang, has entangled some thousand organizations and impacted over 60 million individuals.
Zero-days that affect commonly used applications and hardware are increasingly common.
Some say this is due to the funding provided from the ransom payments.
Zero-days used to be solely the realm of government-funded entities (think NSA, GRU, FSB); now organized criminals, their wallets fat from ransom payments, can afford them too.
Mandiant estimates that 75% of zero-day instances appear to be linked to ransomware operations.
Of the 69 zero-days disclosed so far in 2023, 44 have been used in the wild from January to September, according to Google's Threat Analysis Group.
We expect that trend to continue to increase.
With the MOVEit exploits alone leaking the data of more than 60 million people, privacy litigation and regulatory actions will also continue to increase. Just wait for it.
Assuming these trends continue, what should you do?
Our team continues to believe that all ransomware is avoidable with good cyber hygiene continuously applied. (See Simon Taylor’s 12 P’s blog for more.) Keep patched, use MFA properly, have tested backups, etc.
On the privacy side, most litigation and enforcement actions can be eased with some upfront work.
Those simple things will make a dramatic difference.
We believe these trends will continue into 2024 and the next several years. As you make your plans for 2024, consider how these trends will affect your firm.
If you need help, we have an entire team ready to support you as needed. Contact us for a free consultation.
Chuck Matthews is the CEO of PacketWatch, a US-based boutique cybersecurity firm focused on incident response, managed detection and response, forensics, and advisory services utilizing their proprietary network-based threat-hunting platform.