Business email compromises (BEC) made up 24% of the total number of cyber related incidents reported to Beazley Breach Response (BBR) Services in 2018, up from 13% in 2017, according to a report by the specialist re/insurer.
BEC are social engineering attacks in which a cybercriminal uses compromised email credentials or spoofs a legitimate email address.
They use it to try to trick an employee into making an electronic payment to a bank account controlled by the cybercriminal or, in some cases, to transfer sensitive data.
Beazley’s report is based on information gathered from investigations into more than 3,300 data incidents in 2018 and takes an in-depth look at how the common breaches are perpetrated, with tips for businesses on how to deal with them.
“The threat posed by cyber criminals continues to grow in complexity as they devise new techniques to breach IT security and trick unsuspecting employees into allowing them access to systems,” said Katherine Keefe, Global Head of BBR Services at Beazley.
“By handling thousands of data breaches every year, BBR Services is able to shine a light on where the new and emerging cyber threats are coming from and help businesses to better understand and prepare for a breach.”
Beazley says the report shows 47% of all incidents investigated by BBR Services in 2018 were the result of a hack or malware. Of these, approximately half were BEC.
Beazley found that the average ransomware demand in 2018 was more than $116,000, but this was skewed by a handful of excessively large demands.
The median demand was $10,310 whilst the highest was for $8.5 million – the equivalent of 3,000 Bitcoin at the time.
Furthermore, small-to-medium sized businesses, which tend to spend less on information security, were at a higher risk of being hit by ransomware than larger firms.
Helen Nuttall, International Breach Manager at Beazley, added, “Outside North America, we have seen a 147% increase in breaches reported to us in 2018 compared to 2017. Of those breaches, 41% were hack or malware, which is reflective of the wider rise in business email compromises and ransomware attacks.”
“As organisations move to cloud-based environments, there is a corresponding increase in attacks that are seeking to exploit existing vulnerabilities and persuade individuals to reveal their user credentials.
“Implementation of multi-factor authentication, strong passwords, and regular employee training are all critical steps to minimise this risk.”