The frequency of cyber claims stabilised in 2022, reflecting improved cyber security and risk management actions among insured companies, the report said.
Law enforcement agencies targeting attackers, together with the Ukraine–Russia conflict, are also believed to have helped curtail ransomware activity. However, ransomware activity rose 50% year-on-year during the first half of 2023.
According to the report, most ransomware attacks now involve the theft of personal or sensitive commercial data for the purpose of extortion, increasing the cost and complexity of incidents, along with the potential for reputational damage.
“Several factors are combining to make data exfiltration more attractive for threat actors. The scope and amount of personal information being collected is increasing, while privacy and data breach regulations are tightening globally. The trend towards outsourcing and remote access leads to more interfaces for threat actors to exploit,” said Michael Daum, global head of cyber claims, Allianz Commercial.
Supply chain-enabled ransomware attacks have now become customary, the report showed. This year, there were several mass ransomware attacks—including the MOVEit cyberattack—as threat actors used exploits in software and weaknesses in IT supply chains to target companies.
Ransomware-as-a-service, in which cybercriminals sell/lease ransomware to launch attacks, remained a key driver for the ongoing frequency of attacks, the report said. Threat actors are also carrying out more attacks faster, with the average number of days taken to execute an attack falling from around 60 days in 2019 to four.