Ransomware and Supply Chain Attacks Drive Rising Cyber Insurance Claims

Ransomware Claims Surge After Period of Stabilization

A new (free) report from global insurer Allianz warns that cyber insurance claims have picked up again in 2023, driven by a resurgence in ransomware extortion attacks and mass hacks exploiting vulnerabilities in software supply chains.

The report notes that ransomware claims stabilized in 2022 but surged 50% year-over-year in early 2023. Attackers increasingly use data theft and supply chain exploits to maximize extortion leverage. For example, the recent mass MOVEit software hack impacted thousands of companies after a ransomware group exploited a vulnerability to steal data from multiple victims.

Data Theft and Supply Chain Attacks Add Costs

Data exfiltration has become a norm, with the proportion of attacks involving stolen data doubling from 40% in 2019 to almost 80% in 2022. Uncontained data theft rapidly multiplies notification, monitoring, regulatory fines, and reputation repair costs to the victim company. Allianz’s claims analysis shows that breaches not quickly contained can cost 1,000 times more than those that are.

Supply chain attacks have also increased, with criminals penetrating IT providers to access their customers’ systems. Software-as-a-service giant Kaseya was infamously hacked in this manner last year, impacting 1,500+ downstream businesses.

Implications for Insurers and Policyholders

According to Allianz, these trends concern insurers facing potential accumulation risk. Mass software attacks like the MOVEit hack can trigger multiple claims simultaneously across interconnected policyholders.

Allianz recommends that policyholders focus on detection and response, as prevention alone is increasingly insufficient. Companies discover just one-third of breaches themselves, highlighting the need for better threat monitoring. Early detection technology can help curb the escalating breach costs Allianz has observed.

The report advises directing more security budgets to detection tools like intrusion prevention systems and security information management software. Rapid response is also essential, as costs quickly snowball once data is encrypted or stolen. Firms with response plans and who contract for breach services, pre-breach can better control intrusions and resulting costs.

For smaller firms with fewer security resources, Allianz stresses the priority of understanding potential risks, budgeting for tailored security measures, and partnering with managed security providers.

Access the Full Allianz Cyber Security Report (Recommended)

Overall, Allianz concludes that while prevention remains important, events like the surge in data theft and supply chain attacks show that companies must increasingly prioritize early threat detection and response capabilities. Insurers will likely adjust products and underwriting accordingly.

You can access the full 32-page Allianz report here by clicking on the following title:“Cyber security trends 2023: The latest threats and risk mitigation best practice – before, during, and after a hack.”