Half of the lawsuits in 2023 were the result of Funds Transfer Fraud (FTF) or Business Email Compromise (BEC). The results of this study highlight the importance of email security.
“Threat actors want to get paid, and the email mailbox has proven to be an easy place for attackers to discover payment information and potentially intervene in payment processes to steal funds”,
we read in the latest report of the Coalition.
Based on data from claims reported between January 1 and December 31, 2023, this study notes that certain devices increase the likelihood of a cyber disaster.
Indeed, this report revealed an increased risk for organizations using security devices, such as firewalls and virtual private networks (VPNs). While these tools can help reduce cyber risk, using some of them can actually increase the likelihood of a cyber disaster should it occur vulnerabilities known
Average loss of $100,000
For example, the Coalition found that companies with Internet-exposed Cisco ASA devices were nearly five times more likely to experience a disaster in 2023, and companies with Internet-exposed Fortinet devices were twice as likely to be the subject of a disaster. .
“We also found that policyholders using Remote Desktop Protocol exposed to the Internet were 2.5 times more likely to experience a claim”we read in this document.
This new insight follows Coalition Security Labs researchers’ discovery of a 59% increase in the number of unique IP addresses scanning the Open Remote Desktop Protocol over the past year.
Total loss frequency increased 13% year-over-year and total loss severity increased 10% year-over-year, resulting in an average loss of $100,000.
Pay the ransom
The frequency of claims increased across all revenue brackets, with companies with revenues between $25 million and $100 million seeing the largest increase (up 32% year-over-year).
As ransomware payouts hit $1 billion globally, ransomware severity in the coalition dropped by 54%. The severity, frequency and demands of ransomware decreased in the second half of 2023, but not enough to offset the increase in the first half.
The frequency of ransomware increased by 15% year-over-year and the severity increased by 28%, with an average loss of more than $263,000.
When the insured felt it was reasonable and necessary to pay the ransom, the Coalition helped them negotiate the amounts demanded, which were reduced in
an average of 64%.
FTF frequency increased 15% year-over-year and severity increased 24%, for an average loss of more than $278,000. The frequency of BEC increased by 5% compared to the previous year and the weight decreased by 15%.
In this species fraud, attackers can divert funds before or during transmission. This is usually done using social engineering techniques, sometimes resulting from email spoofing or even compromising business email.