In 2020, the global pandemic created near-perfect conditions for cybercriminals. Unsurprisingly, we have witnessed a dramatic spike in cybercrime, but what is driving this threat and what will the implications be for cyber risks throughout 2021?
Increase in the Cyber 'Attack Surface'
The shift to remote work and the large-scale dependency on personal devices and residential networks have expanded threat actors’ attack surface — the number of different points through which an unauthorized user can access or extract data from an environment. At the same time, organizations have been adapting to remote working trends at a record pace, increased virtual public meetings and services.
The net effect has been a mass increase in potential targets for criminals to exploit and an unprecedented expansion of corporate networks beyond their external firewalls. Cybersecurity in these conditions has proved extremely challenging. Organizations of all industries and sizes were forced to pivot many critical operations to remote environments rapidly and with little time for preparation, exposing insufficient information technology infrastructures, data governance, and security controls.
Explosive Growth in Cyber Attacks
In parallel, ransomware proved devastating in 2020 with incidents becoming more frequent, targeted and automated. Global ransomware attacks rose by 40% in the first three quarters of 2020 compared with the same period in 2019, and payments more than doubled in size since the start of 2020. Increasingly sophisticated and AI-enabled tactics have seen large agencies become more and more vulnerable. For example, criminals have not only accessed core systems, they are successfully infiltrating backup systems as well. Criminals have also started extrapolating data from hacked networks and threatening to release it as part of the extortion scheme.
In addition, SCADA systems have proved to be vulnerable to targeted attacks, as was evidenced by the attack at the Oldsmar Water Treatment Plant in Florida, where the attacker increased the level of sodium hydroxide, more commonly known as lye, in the water from 100 parts per million to 11,100 parts per million.
Meanwhile, the explosion of “ransomware as a service” has lowered the barriers to entry for aspiring cybercriminals, enabling less sophisticated actors to cause significant harm.
Cyber Insurance Demand Grows, Losses Soar
The spike in cybercrime has driven demand for cyber insurance, with many revisiting their cyber insurance programs and requesting higher limits.
Not surprisingly, insurers have become increasingly nervous about the deteriorating risk landscape, and risk quality and underwriters are far more thorough in their underwriting review.
Despite the challenging landscape, there are reasons for optimism. Organizations are more aware of the importance of purchasing a robust cyber insurance program, and of the need to improve and harden critical IT systems.
For many years, Cyber insurance programs focused on the risks faced by the loss of third party data. The leading cyber insurance programs today address these risks, as well as provide extensive coverage for the direct costs incurred in the response to a cyber event.
The leading cyber insurance programs take this a step further by delivering preventative services to actively monitor client networks to identify weakness, and recommend corrective actions to mitigate these risks.