According to findings from Coalition, an active cyber insurance provider, more than half (56%) of all cyber insurance claims in 2023 stemmed from either funds transfer fraud (FTF) or business email compromise (BEC), underscoring the importance of email security as a key component of effective cyber risk management.
These insights are detailed in Coalition’s 2024 Cyber Claims Report, which explores emerging cyber trends and their impact on Coalition policyholders throughout 2023.
Robert Jones, Head of Global Claims at Coalition, explains, “Threat actors want to get paid, and the email inbox has proven to be an easy place for an attacker to uncover payment information and potentially intervene in payment processes to steal funds.”
Jones further notes, “In 2023, Coalition endeavoured to make recovering from a cyber incident as painless as possible for our policyholders: We successfully helped claw back more than $38 million in fraudulent transfers and handled 52% of all reported matters without out-of-pocket payments.”
The report also highlights heightened risks for organisations relying on boundary devices, such as firewalls and virtual private networks (VPNs). While these tools are designed to mitigate cyber risks, the utilisation of certain boundary devices may inadvertently increase the likelihood of cyber claims due to known vulnerabilities.
For instance, Coalition’s analysis reveals that businesses with internet-exposed Cisco ASA devices were nearly five times more prone to filing a claim in 2023, while those with internet-exposed Fortinet devices were twice as likely to experience a claim.
Shelley Ma, Incident Response Lead at Coalition’s affiliate, Coalition Incident Response, adds, “We also found that policyholders using internet-exposed remote desktop protocol were 2.5 times more likely to experience a claim.
“With new AI tools making it even easier to execute targeted cyber attack campaigns and identify exploitable assets, having an active partner that can help protect your organisation from digital risk is crucial,” Ma concludes.
These findings follow Coalition’s Security Labs researchers identifying a 59% surge in unique IP addresses scanning for open remote desktop protocol over the course of the previous year.
