Ride the Lightning

Ransomware and Fraudulent Funds Transfer: Over Half of Cyber Insurance Claims in 2022

December 14, 2022

InfoSecurity Magazine reported on December 7 that fraudulent funds transfer (FFT) and ransomware were the biggest drivers of financial loss from cybercrime in 2022, accounting for more than 50% of insurance claims, according to figures from insurance company Corvus.

Corvus found that FFT and ransomware “are the two most consistent tactics of choice for threat actors,” with FFT representing 28% of cyber claims and ransomware 23% in its all-time figures.

Interestingly, the average FFT claim is significantly lower than ransomware – $90,000 versus $256,000, respectively. Additionally, over all time, ransomware claims are three-times higher than that of FFT. This is because “FFT incidents do not typically involve costly data restoration, system recovery, business interruption or breach response efforts” that are required following ransomware attacks.

Nonetheless, Jason Rebholz, CISO at Corvus Insurance, told Infosecurity that the cyber insurance industry must avoid “tunnel vision” on ransomware, viewing it as the sole threat to organizations.

“While the cost of ransomware claims are three times that of fraudulent funds transfer, the higher frequency of other attack vectors like business email compromise (BEC) and FFT could deliver death by a thousand cuts,” he explained.

The prevalence of FFT, in which social engineering techniques are used to trick employees or vendors into transferring funds to the wrong accounts, highlights the growing effectiveness of BEC scams. The report found that FFT represented 70% of all BEC-related claims, and BEC made up 45% of claims in H1 2022.

In Q3 2022, FFT accounted for 36% of all claims, an all-time high. And the percentage of FFT claims did not dip below 25% over the previous six quarters.

Now occurring in nearly 50% of ransomware claims, “the rate of data exfiltration shows that attackers are attempting to generate additional points of leverage to increase the likelihood of a ransom payment,” said the report.

Rebholz noted: “As organizations improve their resilience against ransomware attacks, threat actors continue to find ways to increase the pain factor to force ransom payments.”

The study also observed a 66% increase in claims for third-party breaches in 2022, including a 20% rise in the share of third-party ransomware attacks.

Rebholz commented, “Rising instances of data exfiltration show that cyber-criminals will respond quickly to thwart security professionals and identify creative ways to increase leverage in ransom negotiations. Insurers have visibility into these changes, enabling us to take an informed, proactive approach with our brokers, policyholders and partners.”

In November 2022, a Delinea study found that just 30% of cyber insurance holders are covered for critical risks including ransomware, ransom negotiations and payments.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email:   Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson