According to the H1 2020 Cyber Insurance Claims Report by cyber insurance and security firm Coalition, cyberattacks have increased in both volume and severity since the beginning of the COVID-19 pandemic. Overall, policyholders most frequently filed claims related to ransomware (41%), funds transfer loss (27%) and business email compromise (19%). Average payment demands in ransomware cases increased 100% from 2019 through the first quarter of 2020, most often exploiting remote access to spread newer, more malicious strains of ransomware that demand higher payments.
The pandemic-related shift to remote work has also offered more opportunities for cybercriminals to attack with email-based threats and social engineering. Cyber insurance claims increased 35% for funds transfer fraud (when fraudulent instructions are sent to a business’s financial institution) and social engineering, with cases most frequently involving email intrusion, invoice manipulation and domain spoofing. Organizations also suffered a 67% increase in business email compromise attacks (or “CEO fraud”), in which scammers impersonate a known source and make a seemingly legitimate business request. Coalition noted that organizations that use Microsoft Outlook were three times more likely to experience business email compromise than organizations that use Gmail.