www.helpnetsecurity.com Open in urlscan Pro
44.229.104.176  Public Scan

Form analysis
1 forms found in the DOM

POST

<form id="mc4wp-form-1" class="mc4wp-form mc4wp-form-244483 mc4wp-ajax" method="post" data-id="244483" data-name="Footer newsletter form">
  <div class="mc4wp-form-fields">
    <div class="hns-newsletter">
      <div class="hns-newsletter__top">
        <div class="container">
          <div class="hns-newsletter__wrapper">
            <div class="hns-newsletter__title">
              <i>
                        <svg class="hic">
                            <use xlink:href="#hic-plus"></use>
                        </svg>
                    </i>
              <span>Cybersecurity news</span>
            </div>
          </div>
        </div>
      </div>
      <div class="hns-newsletter__bottom">
        <div class="container">
          <div class="hns-newsletter__wrapper">
            <div class="hns-newsletter__body">
              <div class="row">
                <div class="col">
                  <div class="form-check form-control-lg">
                    <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="520ac2f639" id="mcs1">
                    <label class="form-check-label text-nowrap" for="mcs1">Daily Newsletter</label>
                  </div>
                </div>
                <div class="col">
                  <div class="form-check form-control-lg">
                    <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="d2d471aafa" id="mcs2">
                    <label class="form-check-label text-nowrap" for="mcs2">Weekly Newsletter</label>
                  </div>
                </div>
              </div>
            </div>
            <div class="form-check form-control-lg mb-3">
              <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="28abe5d9ef" id="mcs3">
              <label class="form-check-label" for="mcs3">(IN)SECURE - monthly newsletter with top articles</label>
            </div>
            <div class="input-group mb-3">
              <input type="email" name="email" id="email" class="form-control border-dark" placeholder="Please enter your e-mail address" aria-label="Please enter your e-mail address" aria-describedby="hns-newsletter-submit-btn" required="">
              <button class="btn btn-dark rounded-0" type="submit" id="hns-newsletter-submit-btn">Subscribe</button>
            </div>
            <div class="form-check">
              <input class="form-check-input" type="checkbox" name="AGREE_TO_TERMS" value="1" id="mcs4" required="">
              <label class="form-check-label" for="mcs4">
                <span>I have read and agree to the <a href="https://www.helpnetsecurity.com/newsletter/" target="_blank" rel="noopener" class="d-inline-block">terms &amp; conditions</a>
                </span>
              </label>
            </div>
          </div>
        </div>
      </div>
    </div>
  </div><label style="display: none !important;">Leave this field empty if you're human: <input type="text" name="_mc4wp_honeypot" value="" tabindex="-1" autocomplete="off"></label><input type="hidden" name="_mc4wp_timestamp"
    value="1698891272"><input type="hidden" name="_mc4wp_form_id" value="244483"><input type="hidden" name="_mc4wp_form_element_id" value="mc4wp-form-1">
  <div class="mc4wp-response"></div>
</form>

Text Content

 * News
 * Features
 * Expert analysis
 * Videos
 * Events
 * Whitepapers
 * Industry news
 * Product showcase
 * Newsletters

 * 
 * 
 * 


Please turn on your JavaScript for this page to function normally.
Help Net Security
November 1, 2023
Share


PUBLIC EXPOSURE OF DATA BREACHES IS BECOMING INEVITABLE



Ransomware incidents rising again as criminals use data exfiltration and supply
chain attacks to maximize their leverage, according to Allianz.



Allianz Commercial analysis of large cyber losses shows the number of cases in
which data is exfiltrated is soaring, as is the number of incidents becoming
public. Cyber breaches that are not detected and contained early can be 1,000
times more expensive than those that are.

Companies’ cybersecurity priorities should include bolstering their detection
and response capabilities.


HACKERS TARGET IT AND PHYSICAL SUPPLY CHAINS

Following two years of high but stable loss activity, 2023 has seen a worrying
resurgence in ransomware and extortion claims as the cyber threat landscape
continues to evolve, Allianz Commercial warns in a new report.

Hackers are increasingly targeting IT and physical supply chains, launching mass
cyberattacks, and finding new ways to extort money from companies, large and
small. Most ransomware attacks now involve the theft of personal or sensitive
commercial data for the purpose of extortion, increasing the cost and complexity
of incidents, as well as bringing greater potential for reputational damage.

Allianz Commercial analysis of large cyber losses shows the number of cases in
which data is exfiltrated is increasing every year – doubling from 40% in 2019
to almost 80% in 2022, with 2023 significantly higher.

“Cyber claims frequency has picked up again this year as ransomware groups
continue to evolve their tactics,’ says Scott Sayce, Global Head of Cyber,
Allianz Commercial. “Based on claims activity during the first half of 2023, we
expect to see around a 25% increase in the number of claims annually by
year-end. The attackers are back, and focused again on Western economies, with
more powerful tools, enhanced processes, and attack mechanisms. Given this
dynamic, a well-protected company is necessary to stand up to the threat and,
increasingly, the most important element of this is developing strong detection
and fast response capabilities.”


STABLE CYBER CLAIMS IN 2022 INDICATE IMPROVED RISK MANAGEMENT

According to the Allianz report before, during and after a hack, the frequency
of cyber claims stabilized in 2022, reflecting improved cybersecurity and risk
management actions among insured companies.

Law enforcement agencies targeting ransomware gangs, together with the Ukraine
Russia conflict, are also thought to have helped curtail ransomware activity.
However, ransomware activity alone was up 50% year-on-year during the first half
of 2023.

So-called Ransomware-as-a-Service (RaaS) kits, where prices start from as little
as $40, remain a key driver in the frequency of attacks. Ransomware gangs are
also carrying out more attacks faster, with the average number of days taken to
execute one falling from around 60 days in 2019 to four.

“Double and triple extortion incidents – using a combination of encryption, data
exfiltration and DDoS – to obtain money are not new but they are now more
prevalent,’ says Michael Daum, Global Head of Cyber Claims, Allianz Commercial.
“Several factors are combining to make data exfiltration more attractive for
threat actors. The scope and amount of personal information being collected is
increasing, while privacy and data breach regulations are tightening globally.
At the same time, the trends towards outsourcing and remote access leads to more
interfaces for threat actors to exploit.”

Data exfiltration can significantly add to the cost of a loss or cyber claim.
Such incidents can take longer to resolve, while legal and IT forensics can be
extremely expensive. If data has been stolen, companies must know exactly what
data has been exfiltrated and will likely have to notify customers, who could
seek to claim compensation or threaten litigation.

This year has also seen several large mass ransomware attacks as threat actors
used exploits in software and weaknesses in IT supply chains to target multiple
companies. For example, the MOVEit mass cyberattack, which exploited a data
transfer software product, impacting millions of individuals and thousands of
companies, contributed to the increase in the frequency of claims in 2023 to
date, affecting multiple policyholders simultaneously.

“More mass cyberattacks can be expected in the future,’ says Daum. ‘Companies
and their insurers need to better understand the interconnectivity and
dependencies that exist between organizations and within digital supply chains.”


GROWING NUMBER OF PUBLIC CASES

In the past the number of cyber incidents that became public knowledge was low.
Today, it is a different story, as with data exfiltration, hackers threaten to
publish stolen data online. Allianz Commercial analysis of large cyber losses
(EUR1mn+) shows that the proportion of cases becoming public increased from
around 60% in 2019 to 85% in 2022 with 2023 set to be even higher.

“Today, if you have data exfiltration it will likely go public, and every
company needs to be prepared for this,” says Rishi Baviskar, Global Head of
Cyber Risk Consulting, Allianz Commercial.

With potentially costly financial and reputational consequences, companies may
feel under more pressure to pay ransoms where data has been stolen. The number
of companies paying a ransom has increased year-on-year – from just 10% in 2019
to 54% in 2022, again based on analysis of large losses only (EUR1mn+).
Companies are two-and-a half times more likely to pay a ransom if data is
exfiltrated, on top of the encryption.

However, paying a ransom for exfiltrated data does not necessarily resolve the
issue. The company may still face third party litigation for the breach of data,
especially in the US. Indeed, there are few cases where a company should believe
that there is no other solution other than paying the ransom to be able to
re-access its systems or data. Any impacted party should always inform and
cooperate with the authorities.

Protecting an organization against intrusion remains a cat and mouse game, in
which cybercriminals have the advantage. Allianz analysis of more than 3,000
cyber claims over the past five years shows that external manipulation of
systems is the cause of more than 80% of all incidents.


THREAT ACTORS EMBRACE AI FOR FASTER, AUTOMATED ATTACKS

Threat actors are now exploring ways to use AI to automate and accelerate
attacks, creating more effective AI-powered malware, phishing, and voice
simulation. Combined with the explosion in connected mobile devices – Allianz
Commercial has seen a growing number of incidents caused by poor cyber security
in this area – attack avenues only look likely to increase.

Preventing a cyberattack is therefore becoming harder and the stakes higher. As
a result, early detection and response capabilities and tools are becoming ever
more important. Around 90% of incidents are contained early. However, if an
attack is not stopped in the early stages the chances of preventing it becoming
something much more serious and costly greatly reduce.

“Traditional cyber security has focused on prevention with the goal of keeping
attackers out of a network,’ says Baviskar. “While investment in prevention
reduces the number of successful cyber-attacks there will always be a ‘gap’
remaining that will enable attacks to get through. For example, it is not
possible to stop all employees from clicking on increasingly sophisticated
phishing emails.”

Companies should direct additional cyber security spend on detection and
response, rather than just adding more layers to protection and prevention. Only
one third of companies discover a data breach through their own security teams.
However, early detection technology is readily available and effective.

“Detection systems are constantly improving and can save lots of pain,
decreasing detection and response times. This is something we look for in our
cyber risk assessments and underwriting,” adds Baviskar.

Cyber breaches that are not detected and contained early can be as much as 1,000
times more expensive than those that are, the report highlights, with Allianz
Commercial analysis showing that early detection and response can stop a €20,000
loss turning into a €20 million one.

“Prevention drives frequency of attacks and response is responsible for how
significant the loss will be – whether it is a minor IT incident or a corporate
crisis,’ says Daum. “We believe companies can meaningfully prepare and there is
room for improvement in how they respond to these attacker threats. Ultimately,
early detection and response capabilities will be key to mitigating the impact
of cyberattacks and ensuring a sustainable cyber insurance market going
forward.”





More about
 * Allianz
 * artificial intelligence
 * cybercrime
 * cybersecurity
 * data breach
 * extortion
 * ransomware
 * report
 * supply chain attacks
 * survey

Share


FEATURED NEWS

 * Product showcase: LayerX browser security extension
 * BiBi-Linux wiper targets Israeli companies
 * Atlassian patches critical Confluence bug, urges for immediate action
   (CVE-2023-22518)

eBook: Cybersecurity career hacks for newcomers



SPONSORED

 * eBook: Cybersecurity career hacks for newcomers
 * Guide: SaaS Offboarding Checklist
 * Webinar: The external attack surface & AI’s role in proactive security




DON'T MISS

 * Product showcase: LayerX browser security extension
 * BiBi-Linux wiper targets Israeli companies
 * Atlassian patches critical Confluence bug, urges for immediate action
   (CVE-2023-22518)
 * From Windows 9x to 11: Tracing Microsoft’s security evolution
 * How security observability can help you fight cyber attacks




Cybersecurity news
Daily Newsletter
Weekly Newsletter
(IN)SECURE - monthly newsletter with top articles
Subscribe
I have read and agree to the terms & conditions
Leave this field empty if you're human:

© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us
×