Posted on by don

Cybercrime, and specifically Ransomware, is growing at alarming rates

Cybercrime, and specifically Ransomware, is growing at alarming rates impacting organizations around the world

It is anticipated by 2025, Global cybercrime damage costs are expected to reach $10.5 trillion

From approx. $325 million in 2015 we have now reached approx. $20 billion in 2021.

It has been predicted that in 2021 every 11 seconds a ransomware attack will occur on businesses.
Ransomware is rapidly evolving, fueled by the rise of:
Ransomware as a Service (RaaS)
Data exfiltration prior to encryption
Deeper, more invasive attacks

Sophisticated cyber resilience is imperative, and companies need to continuously
adapt in this changed threat environment.

Network outages and business interruption are lasting longer. A typical outage length of 7-10 days from global ransom & extortion claims.

The demand and cost for forensics, recovery, legal counsel, and other response services is at an all-time high given the volume of attacks.

Ransomware claims have increased significantly in frequency and severity in recent years and continue to evolve.

AIG has seen an increase of more than 150% in frequency of ransom and extortion claims notifications since 2018.

All sizes of company are impacted by ransomware, across all types of industries. Ransom and extortion claims accounted for 1 in every 5 cyber claims in 2020, up from 1 in every 10 cyber claims in 2018.
Demand values can be in the tens of millions of dollars with payments varying depending on the characteristics of the attack.

When data was exfiltrated prior to encryption, ransom and extortion claims costs were 2x higher.

Losses may impact multiple coverage sections: extortion, event management, network interruption, security & privacy.

Ransomware victims have similar deficiencies in controls for managing ransomware risk.

Use strong authentication controls for all administrative access where possible and deploy compensating controls where it’s not.

Deploy modern endpoint controls and timely remediate vulnerabilities. Enable appropriate active directory controls and understand / verify your attack surface.

visit www.cisa.gov/ransomware For additional actions and resources available to your organization to address ransomware.

Sources:
American International Group, Inc. (AIG)
Data sourced from AIG cyber claims analysis, Q3 2020
Cybercrime Magazine- cybersecurityventures.com
https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021/
Special Report: Cyberwarfare In The C-Suite
– Steve Morgan, Editor-in-Chief Cybersecurity Ventures
Sausalito, Calif. – Nov. 13, 2020