Coalition, the world’s first Active Insurance provider, has published its 2024 Cyber Claims Report: Mid-year Update. which highlights a sharp rise in ransomware severity and other emerging cyber trends. According to the report, ransomware claims spiked by 68% during the first half of 2024, with an average loss of $353,000, despite a decrease in overall attack frequency.
The report cites the Play and BlackSuit ransomware variants as significant contributors to this trend. Coalition’s Head of Claims, Rob Jones, noted that while ransomware attacks were less frequent, their impact and demand amounts surged. “We saw a marked spike in the severity and demand amounts,” Jones said. Coalition’s affiliate, Coalition Incident Response, managed to reduce ransom demands by half through effective negotiations, but Jones emphasised that ransomware remains a volatile threat.
The report also detailed a decline in funds transfer fraud (FTF), with both frequency and severity decreasing by 2% and 15%, respectively. Nevertheless, Coalition successfully recovered $10.8 million in fraudulent payments on behalf of policyholders during the first half of the year.
In addition to ransomware, the Mid-year Update highlighted an increase in material cyber risk aggregation events. Notable incidents included attacks on Change Healthcare and CDK Global, which caused widespread third-party business disruption for many small to mid-sized companies. Nearly 23% of healthcare businesses with revenue exceeding $100 million were affected by the Change Healthcare attack, while 11% of organisations with revenues between $25 million and $100 million were similarly impacted. The CDK Global ransomware event affected approximately 75% of auto dealerships generating over $100 million in revenue.
“As third-party risk grows and aggregation events become part of the business lexicon, Coalition continues to take an active role in risk mitigation for policyholders,” added Jones. Coalition is focusing on proactive risk management, working directly with policyholders to reduce the impact of cyber events, minimise financial losses, and ensure business continuity.
Additional findings from the report indicate that overall claims severity rose by 14%, with an average loss of $122,000. This increase is largely attributed to the rise in ransomware severity, as threat actors targeted larger businesses, leading to more significant payouts. Despite the increased severity, the report found that the overall frequency of claims dropped by 4%.
Business email compromise (BEC) remained the most common cyber event, with frequency increasing by 4% and accounting for nearly one-third of all cyber insurance claims. Coalition also found that businesses using web-accessible applications were 3.1 times more likely to experience a cyber claim, as threat actors continued to exploit easy access points online.
Coalition’s report underscores the evolving nature of cyber threats, particularly the growing risks posed by ransomware and third-party cyber events. As businesses navigate these challenges, Coalition’s proactive approach aims to mitigate risks and provide support in an increasingly volatile digital landscape.
