Specialist insurer Beazley has reported an increase in the severity and cost of ransomware attacks this year compared to 2019.
Consequently, Beazley considers ransomware the biggest cyber threat currently facing organisations.
According to the latest Beazley Breach Insights report, the total cost of ransom payments doubled year-on-year through the first six months of 2020, based on incidents reported to Beazley’s in-house breach response team, BBR Services.
Additionally, Beazley says the nature of ransomware attacks has also markedly changed in 2020.
Today’s ransomware incidents are more likely to include a threat to release stolen data versus encryption alone.
Threat actors increasingly have prior access to a network before deploying their attack, during which time they are working to escalate their privileges, move laterally through the network, and perform reconnaissance on the network and data stored on it.
Frequently, they now also exfiltrate data and upload it to an external site, both to prove that they have access and to threaten exposure.
Despite the growing complexity of the attacks, Beazley notes that there are opportunities to disrupt criminals’ activities during the cyber extortion process.
Organizations should not only try to prevent a ransomware infection, but prepare in case they do get infected, through multiple layers of security, each reducing the risk and probability of ransomware.
“In an incredibly challenging year in which ransomware has become the biggest cyber threat to impact individuals and organizations alike, the severity of ransomware attacks has continued to escalate,” said Paul Bantick, Beazley’s Global Head of Cyber & Technology.
“Our underwriting, claims and threat intelligence database shows that ransomware attacks are much more sophisticated and severe, thus, it is critical that organizations adopt a layered approach to security and take stringent measures to make it hard for threat actors at every step.”