Report | October 2023
Cyber security trends 2023
The latest threats and risk mitigation best practice – before, during and after a hack
Investments in cyber security are paying off but an evolving threat landscape will require much greater focus on early detection and response capabilities.
Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. 2023 has seen a worrying resurgence in ransomware and extortion claims, resulting in an uptick in costly incidents, demonstrating that although progress is being made, the threat posed by ransomware shows little sign of abating.
Reports note that the number of ransomware victims surged by as much as 143% globally during the first quarter of 2023 with January and February seeing the highest number of hack and leak cases in three years. Ransomware alone is projected to cost its victims approximately US$265bn annually by 2031.
Hackers are increasingly targeting IT and physical supply chains, launching mass cyber-attacks and finding new ways to extort money from companies, large and small. Most ransomware attacks now involve the theft of personal or sensitive commercial data for the purpose of extortion, adding further cost and complexity, as well as the increased potential for reputational damage and third-party liability. Allianz analysis of a number of large insurance industry cyber losses shows that the proportion of cases in which data is exfiltrated is increasing every year – from 40% of cases in 2019 to around 77% of cases in 2022, with 2023 on course to surpass last year’s total.
Protecting an organization against intrusion remains a cat and mouse game, in which the cyber criminals have the advantage. Threat actors are now exploring ways to use artificial intelligence (AI) to automate and accelerate attacks, creating more effective AI-powered malware and phishing. Combined with the explosion in connected mobile devices and 5G-enabled Internet of Things, the avenues for cyber-attacks look only likely to increase in the coming years.
Preventing a cyber-attack is therefore becoming harder, and the stakes higher. As a result, early detection and response capabilities are becoming ever more important. An intrusion can quickly escalate, and once data is encrypted and / or stolen, the consequences and costs snowball – costs can be as much as, or even more than, 1,000 times higher than if an incident is not detected and contained early, Allianz analysis shows.
Ultimately, early detection and effective response capabilities will be key to mitigating the impact of cyber-attacks and ensuring a sustainable insurance market going forward.
Threat landscape: Resurgent ransomware targets data and supply chains
Ransomware remains the top cyber threat and the single largest cause of cyber insurance claims by some distance. Following a short hiatus in 2022, ransomware attack frequency has picked up again in 2023 as threat actors use data exfiltration and supply chain attacks to maximize their leverage.
Key developments
- Ramsomware groups continue to adapt their tactics and business models in response to cyber security changes.
- Ransomware-as-a-Service (RaaS) remains a key driver for the ongoing frequency of attacks.
- Double and triple extortion attacks are not new, but they are now more prevalent, and potentially more impactful and costly for affected companies.
- Supply chain-enabled ransomware attacks have now become an established part of the ransomware playbook.
- Rise in mass ransomware attacks means insurers will need to better understand the interconnectivity and dependencies that exist between companies and within digital supply chains.
Future threats: AI, IoT and skills shortage to fuel future cyber-attacks
Artificial intelligence (AI) is widely expected to power future ransomware attacks, with automated attack processes, more convincing phishing, and faster malware development. However, it could also enhance cyber security, with more effective and faster detection and threat intelligence.
Key developments
- AI-powered language models and voice simulation software recent additions to the cyber criminal’s arsenal.
- Allianz Commercial has seen a growing number of incidents caused by poor cyber security around mobile devices.
- Technical skills crisis in cyber security is also increasing the cost of responding to an incident.
Claims: Stabilization trend threatened by mass attacks and data exfiltration
Cyber claims frequency picked up again during the first half of 2023, although improved cyber security over the past two years has helped control first party losses and improve the overall quality of risk.
Key developments
- Ransomware and extortion-based attacks remain the largest source of cyber insurance claims by volume and frequency.
- In addition to extortion claims, there has also been an uptick in the number of data privacy claims in the US, related to biometric information.
- Allianz analysis of large cyber losses shows that the number of cases in which data is exfiltrated has significantly increased, as has the number of incidents becoming public.
- Allianz Commercial claims analysis shows that breaches that are not detected and contained early can be 1,000 times more expensive.
Number of cyber-related claims per year
Totals include all cyber-related claims per year. 2023 1H of the year only.
Source: Allianz Commercial
Mitigation: Early detection is key to combating emerging cyber threat
The vast majority of cyber-attacks are contained quickly and, if insured, often fall within policy deductible levels, or are not even notified. According to Allianz analysis, just 2% of claims drive the overall loss amount, and in almost all cases these would have benefited from early detection. Meanwhile, good data management is essential to mitigating the impact of data exfiltration attacks, as are a growing number of specialist services.
Key developments
- The key to avoiding damaging cyber-attacks and mitigating losses is to detect an attack in its early stages.
- Companies should direct additional cyber security spend on detection and response. Only one third of companies discover a breach through their own security teams.
- Companies that are routinely and properly managing their data, and making sure it is stored appropriately, and deleted when it is no longer required, will reduce their risks.
- Smaller companies need to develop a clear understanding of their potential risks and allocate ample resources in terms of personnel, IT infrastructure, and budget to implement tailored security measures.
- Midcorps must identify their crucial IT assets, then collaborate with cyber security service partners to deploy detection and monitoring tools at the network perimeter and endpoints.
Cyber security trends 2023
The latest threats and risk mitigation best practice – before, during and after a hack
Download the report
Simply fill out the form below to receive an email from us with the link to the full report.
Enjoy reading!
Fields marked with asterisk (*) are mandatory.
