Phishing fears rise as SMEs become new target

The world’s first active insurance provider designed to prevent digital risk before it strikes, has warned criminals are turning to phishing as the preferred method to impact companies across the world.

Coalition has issued the mid-year update to its 2022 Cyber Claims Report detailing the evolution of cyber trends.

While phishing is on the rise the report also cautions that smaller firms are becoming the preferred targets given their lack of cyber security awareness. It added ransomware attacks are declining as demands go unpaid.

During the first half of 2022, the average cost of a claim for a small business owner increased to $139,000, a figure 58% higher than levels during the first half of 2021.

“Across industries, we continue to see high-profile attacks targeting organisations with weak or exposed infrastructure — which has become exacerbated by today’s remote working culture and companies’ dependence on third-party vendors,” said Catherine Lyle, Coalition’s head of claims. “Small businesses are especially vulnerable because they often lack resources. For these businesses, avoiding downtime and disruption is essential, and they must understand that active insurance is accessible.”

Both Coalition and the broader insurance industry observed a decrease in ransomware attack frequency and the amount of ransom demanded between the second half of 2021 and the first half of 2022. Ransomware demands decreased from $1.37 million in the second half of 2021 to $896,000 in the first half of this year. Of the incidents that resulted in a payment, Coalition negotiated down to roughly 20% of the initial demand.

“Organisations are increasingly aware of the threat ransomware poses. They have started to implement controls such as offline data backups that allow them to refuse to pay the ransom and restore operations through other means,” said Chris Hendricks, Coalition’s head of incident response. “As ransomware is on the decline, attackers are turning to reliable methods. Phishing, for example, has skyrocketed – and only continues to grow.”

The insurer said its policyholders experienced 50% fewer claims compared to the broader market. The severity of these claims has also declined, with 45% of incidents resolved at no cost. The substantial decrease in overall claims stems from Coalition’s combination of cybersecurity tools, including active monitoring and alerting, access to digital forensics and incident response, and broad insurance coverage.