New data from cyber specialist Corvus Insurance has found that fraudulent funds transfer (FFT) and ransomware are the top drivers of cyber loss in 2022, accounting for over 50% of all claims combined.
FFT alone comprised 36% of all claims in Q3, Corvus’s Corvus Risk Insights Index shows, and continues to generate substantial losses for organizations.
This kind of attack is defined as one in which threat actors use social engineering tactics to trick employees or vendors into transferring funds to the wrong accounts.
The increasing rate of these incidents signals a continued susceptibility to Business Email Compromise (BEC), Corvus notes, with FFT representing 70% of all BEC-related claims.
The proportion of ransomware incidents targeting the U.S. declined in early 2022, but average claim costs remained high, at nearly three times the average of an FFT claim.
Corvus also observed a 66% increase in third-party breaches in 2022, including a 20% increase in the share of third-party ransomware attacks
Looking ahead, it’s expected that ransomware and FFT are to remain the top drivers of cyber loss, as Corvus data shows that ransomware and FFT are the two most consistent tactics of choice for threat actors, together representing more than half of all Corvus claims.
FFT emerged as a top driver of cyber loss over the past year in terms of frequency, while ransomware remained by far the most costly category of cyber claims.
“Global cybercrime is growing more complex by the day, presenting security leaders with new challenges. With the power of security insights and dynamic claims data feeding Corvus’s technologies, we can help our policyholders improve their cybersecurity posture by informing them of emerging threats and best practices,” said Jason Rebholz, Chief Information Security Officer at Corvus Insurance.
“While ransomware continues to be a dominant risk, we are seeing tactics change, including the rise of other forms of extortion as well as funds transfer fraud. The findings from our report serve as a reminder to all security leaders that cybersecurity is fluid and attackers will shift their methods, even revisiting old tactics, so long as they continue to reap financial benefits.”