Frequency of ransomware claims jumps 64% YoY, At-Bay | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

The frequency of ransomware claims in the United States between 2022-2023 jumped by a staggering 64% year over year, which was was primarily driven by an explosion in “indirect” ransomware incidents which increased by more than 415% in 2023 than in 2022, according to a new report from At-Bay.

The firm recently released its 2024 InsurSec Report, which details new trends in ransomware attacks against mid-market and emerging organisations.

A notable figure from the report shows that attackers continued to exploit remote access technology, with 58% of direct ransomware incidents attributable to a remote access vulnerability.

Attackers also reportedly swayed their focus from RDP to targeting self-managed VPNs, which accounted for 63% of the remote access ransomware events seen in 2023, according to At-Bay.

However, the severity of ransomware attacks dropped in At-Bay’s portfolio year-over-year. Likely driven by more businesses successfully restoring from backups in the wake of an attack, the average cost of a direct
ransomware attack decreased by 24% in 2023, to $370K.

Register for the Artemis ILS Asia 2024 conference

Additionally, research conducted by At-Bay has showcased that businesses who failed to restore their data from backups were 3X more likely to pay a ransom than those who could not.

Business interruption costs were also reportedly lower, according to the report.

Meanwhile, the average ransom demand by attackers exceeded $1.26 million in 2023, however the average amount paid came in at $282K, which is 77% lower than the initial demand on average.

Rotem Iram, CEO and Co-Founder of At-Bay, commented: “Vulnerabilities in remote access products continue to drive too many successful ransomware attacks. Technology providers and cybersecurity professionals must prioritize securing the perimeter by default and improving response to emerging threats, understanding that small businesses are unlikely to be able to solve those on their own.”

Tara Bodden, General Counsel and Head of Claims at At-Bay, said: “Too often, real-world data on cyber risk and its correlation with financial losses is inaccessible to businesses. As an InsurSec provider, our visibility into both empirical claims and cyber research data uniquely enables us to surface meaningful correlations with great accuracy.

“We’re committed to increasing transparency in the security ecosystem by sharing our data insights, and better enabling organizations to deploy their scarce cybersecurity resources for maximum impact.”

Print Friendly, PDF & Email


Click Here For The Original Source.


National Cyber Security