Average ransom demand increased to $1.2 million

Coalition announced the results of its H1 2021 Cyber Insurance Claims Report. Coalition analyzed claims data through June 2021 from 50,000 customers in the United States and Canada. Coalition’s analysis reveals that ransom demands have grown substantially over the past year, smaller companies are increasingly targeted, and cyber criminals continue to take advantage of dislocations in how we work.

From the first half of 2020 to 2021, the average ransom demand made to Coalition policyholders increased nearly threefold, from $450,000 to $1.2 million per claim. Coalition also observed the emergence of several aggressive new ransomware variants, including Mount Locker, HelloKitty, and Conti. While the average ransom demand steadily increased, the average payout Coalition made for ransomware claims decreased slightly from the first half of 2020 to the first half of 2021, reflective of its efforts to help policyholders negotiate ransoms and recover data backups.

While ransomware has become more widespread and severe in the past year, many organizations continue to be targeted by less sophisticated attack techniques that exploit the new patterns of remote work. Nearly 50% of attacks against Coalition’s policyholders were initiated by phishing and social engineering. From the first half of 2020 to 2021, Coalition found that funds transfer fraud (FTF) attacks increased 28% and business email compromise attacks increased 51%. In that time period, the average funds stolen in an FTF attack increased from $116,842 to $326,264 — a 179% increase.

These attacks are also increasingly targeting small and micro businesses. In 2021, Coalition saw a 57% increase in the frequency of attacks against organizations with under 250 employees. The increased automation of cyber attacks, as well as the more widespread use of insecure remote access tools during the pandemic, has left these organizations exposed and created new opportunities for cyber criminals.

“It’s clear that ransomware and other cyber crimes have escalated considerably in the past year. Bad actors are targeting everything from critical infrastructure to the corner store,” said Joshua Motta, CEO and co-founder of Coalition. “We believe that when organizations understand their risk profile and take proactive steps to reduce their risk, they can safely embrace new technology and remain resilient to cyber attacks. That’s why Coalition offers proactive security tools and incident response services alongside insurance, and it’s why our customers continue to experience one-third as many claims compared to the overall market.”

Coalition’s H1 2021 Cyber Insurance Claims Report reveals top cyber crime trends, the continued impact of the COVID-19 on cyber risk exposure, and predictions for the state of cyber crime in 2021 and beyond. To read the full report, click here.

Situational awareness should be at the forefront of your security program. It can mean the difference between life and death in a workplace emergency.

Security’s digital transformation is now entering stage 5. Complex security technologies are connected to HR systems, global security operations centers, and other building technologies in a world where employees now work in two places: home and the corporate office.